From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ipalex@ipalex.org.ua>
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=BAYES_00, RDNS_NONE, URIBL_SBL
	autolearn=no version=3.2.5
Message-ID: <4B82D5D8.3020009@ipalex.org.ua>
Date: Mon, 22 Feb 2010 21:07:04 +0200
From: =?windows-1251?Q?=CF=E8=F0=EE=E3=EE=E2_=C0=EB=E5=EA=F1=E5=E9?=
	<ipalex@ipalex.org.ua>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru;
	rv:1.9.1.7) Gecko/20100111 Thunderbird/3.0.1
MIME-Version: 1.0
To: ALT Linux Community general discussions <community@lists.altlinux.org>
References: <4B7EBB44.5090006@ipalex.org.ua>	<201002192013.45989.cas@altlinux.ru>
	<4B80DCD8.9050904@mail.ru>
In-Reply-To: <4B80DCD8.9050904@mail.ru>
Content-Type: text/plain; charset=windows-1251; format=flowed
Content-Transfer-Encoding: 8bit
Subject: Re: [Comm]
 =?windows-1251?b?7/Du4evl7OAg8SDv8O7q8egg7+7kIEFMVExpbnV4?=
 =?windows-1251?q?_Server_5?=
X-BeenThere: community@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux Community general discussions
	<community@lists.altlinux.org>
List-Id: ALT Linux Community general discussions <community.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/community>,
	<mailto:community-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/community>
List-Post: <mailto:community@lists.altlinux.org>
List-Help: <mailto:community-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/community>,
	<mailto:community-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Feb 2010 19:09:14 -0000
Archived-At: <http://lore.altlinux.org/community/4B82D5D8.3020009@ipalex.org.ua/>
List-Archive: <http://lore.altlinux.org/community/>
List-Post: <mailto:mandrake-russian@linuxteam.iplabs.ru>

21.02.2010 9:12, Дровняшин Александр пишет:
> 19.02.2010 22:13, Андрей Черепанов пишет:
>> Справку не читали, это понятно. Нужно разрешённые сети добавить, 
>> включить
>> службу и нажать на «Применить». И всё работает.
ну в общем-то с этого начал, но получил ошибку (что-то типа "не могу 
запустить прокси")
и полез смотреть логи, а там следующее:
Feb 16 14:22:35 alpha squid: 2010/02/16 14:22:35| WARNING: 
'0.0.0.0/0.0.0.0' is a subnetwork of '0.0.0.0/0.0.0.0'
Feb 16 14:22:35 alpha squid: 2010/02/16 14:22:35| WARNING: because of 
this '0.0.0.0/0.0.0.0' is ignored to keep splay tree searching predictable
Feb 16 14:22:35 alpha squid: 2010/02/16 14:22:35| WARNING: You should 
probably remove '0.0.0.0/0.0.0.0' from the ACL named 'all'
Feb 16 14:22:35 alpha squid: 2010/02/16 14:22:35| cache_cf.cc(347) 
squid.conf:2670 unrecognized: 'broken_vary_encoding'
Feb 16 14:22:35 alpha squid: Could not determine fully qualified 
hostname.  Please set 'visible_hostname'
Feb 16 14:22:35 alpha squid: FATAL: Could not determine fully qualified 
hostname.  Please set 'visible_hostname'
Feb 16 14:22:35 alpha squid: Squid Cache (Version 3.0.STABLE19): 
Terminated abnormally.
Feb 16 14:22:35 alpha squid: CPU Usage: 0.020 seconds = 0.012 user + 
0.008 sys
Feb 16 14:22:35 alpha squid: Maximum Resident Size: 0 KB
Feb 16 14:22:35 alpha squid: Page faults with physical i/o: 0
Feb 16 14:22:35 alpha squid: squid startup failed
погуглил. на каком-то форуме вычитал, что проблема в том, что 
использован устаревший конфиг от 2.6
и посему взял дефолтный
>> Если взялись хакать ручками, то читайте всю документацию по Squid. Это
>> справедливо.
>>
так в том то и дело, что я это делаю уже не впервые, хотя возможно, что 
я что-то упустил.
>
> Смотри лог /var/log/messages, напиши все сообщения, которые там 
> появляются после запуска squid.
>
[root@alpha ALT]# service squid stop; killall squid; service squid 
start; sleep 5s; tail -n 200 /var/log/messages | grep squid; service 
squid status
Service squid is not 
running.                                                                                         
[PASSED]
Starting squid 
service:                                                                                               
[ DONE ]
Feb 22 20:45:24 alpha squid: squid shutdown succeeded
Feb 22 20:45:24 alpha squid[31532]: Squid Parent: child process 31534 
started
Feb 22 20:45:24 alpha squid: squid startup succeeded
squid is dead, but subsystem is locked

[root@alpha squid]# cat /var/log/squid/cache.log
2010/02/22 20:44:07| Starting Squid Cache version 3.0.STABLE19 for 
i586-alt-linux-gnu...
2010/02/22 20:44:07| Process ID 31446
2010/02/22 20:44:07| With 16384 file descriptors available
2010/02/22 20:44:07| DNS Socket created at 0.0.0.0, port 35313, FD 8
2010/02/22 20:44:07| Adding domain antares.org.ua from /etc/resolv.conf
2010/02/22 20:44:07| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2010/02/22 20:44:07| Adding nameserver 195.211.172.32 from /etc/resolv.conf
2010/02/22 20:44:07| Adding nameserver 80.91.179.14 from /etc/resolv.conf
2010/02/22 20:44:07| User-Agent logging is disabled.
2010/02/22 20:44:07| Referer logging is disabled.
2010/02/22 20:44:07| Unlinkd pipe opened on FD 13
2010/02/22 20:44:07| Local cache digest enabled; rebuild/rewrite every 
3600/3600 sec
2010/02/22 20:44:07| Swap maxSize 8388608 + 8192 KB, estimated 645907 
objects
2010/02/22 20:44:07| Target number of buckets: 32295
2010/02/22 20:44:07| Using 32768 Store buckets
2010/02/22 20:44:07| Max Mem  size: 8192 KB
2010/02/22 20:44:07| Max Swap size: 8388608 KB
2010/02/22 20:44:07| Version 1 of swap file with LFS support detected...
2010/02/22 20:44:07| Rebuilding storage in /var/spool/squid (DIRTY)
2010/02/22 20:44:07| Using Least Load store dir selection
2010/02/22 20:44:07| Set Current Directory to /var/spool/squid
2010/02/22 20:44:07| Loaded Icons.
2010/02/22 20:44:07| Accepting transparently proxied HTTP connections at 
0.0.0.0, port 3128, FD 15.
2010/02/22 20:44:07| Accepting ICP messages at 0.0.0.0, port 3130, FD 16.
2010/02/22 20:44:07| HTCP Disabled.
2010/02/22 20:44:07| Pinger exiting.
2010/02/22 20:45:24| Starting Squid Cache version 3.0.STABLE19 for 
i586-alt-linux-gnu...
2010/02/22 20:45:24| Process ID 31534
2010/02/22 20:45:24| With 16384 file descriptors available
2010/02/22 20:45:24| DNS Socket created at 0.0.0.0, port 43620, FD 8
2010/02/22 20:45:24| Adding domain antares.org.ua from /etc/resolv.conf
2010/02/22 20:45:24| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2010/02/22 20:45:24| Adding nameserver 195.211.172.32 from /etc/resolv.conf
2010/02/22 20:45:24| Adding nameserver 80.91.179.14 from /etc/resolv.conf
2010/02/22 20:45:24| User-Agent logging is disabled.
2010/02/22 20:45:24| Referer logging is disabled.
2010/02/22 20:45:24| Unlinkd pipe opened on FD 13
2010/02/22 20:45:24| Local cache digest enabled; rebuild/rewrite every 
3600/3600 sec
2010/02/22 20:45:24| Swap maxSize 8388608 + 8192 KB, estimated 645907 
objects
2010/02/22 20:45:24| Target number of buckets: 32295
2010/02/22 20:45:24| Using 32768 Store buckets
2010/02/22 20:45:24| Max Mem  size: 8192 KB
2010/02/22 20:45:24| Max Swap size: 8388608 KB
2010/02/22 20:45:24| Version 1 of swap file with LFS support detected...
2010/02/22 20:45:24| Rebuilding storage in /var/spool/squid (DIRTY)
2010/02/22 20:45:24| Using Least Load store dir selection
2010/02/22 20:45:24| Set Current Directory to /var/spool/squid
2010/02/22 20:45:24| Loaded Icons.
2010/02/22 20:45:24| Accepting transparently proxied HTTP connections at 
0.0.0.0, port 3128, FD 15.
2010/02/22 20:45:24| Accepting ICP messages at 0.0.0.0, port 3130, FD 16.
2010/02/22 20:45:24| HTCP Disabled.
2010/02/22 20:45:24| Pinger exiting.


а вот мой конфиг
[root@alpha 1]# diff squid.conf squid.conf.default
588,590c588,590
< #acl localnet src 10.0.0.0/8  # RFC1918 possible internal network
< #acl localnet src 172.16.0.0/12       # RFC1918 possible internal network
< #acl localnet src 192.168.0.0/16      # RFC1918 possible internal network
---
 > acl localnet src 10.0.0.0/8   # RFC1918 possible internal network
 > acl localnet src 172.16.0.0/12        # RFC1918 possible internal network
 > acl localnet src 192.168.0.0/16       # RFC1918 possible internal network
612,614d611
< # LAN
< acl localnet src 192.168.1.0/24
<
656,660d652
< #http_access allow localnet
<
< http_access deny all danger_url
<
< http_access allow localhost
662a655
 > http_access allow localhost
680,681d672
< http_reply_access allow localnet
< http_reply_access deny all
748d738
< miss_access allow all
896c886
< http_port 3128 transparent
---
 > http_port 3128
1566d1555
< maximum_object_size_in_memory 32 KB
1730d1718
< cache_dir ufs /var/spool/squid 8192 16 256
1770d1757
< maximum_object_size 65535 KB
3004d2990
< visible_hostname proxy.antares.org.ua