2007/09/12

how to setup squid server

Can anyone tell me how to set up a squid server (proxy server) in Linux (Fedora Core 3) in the minimum steps required? I tried installing and setting it up but don't know where the problem is and what the actual procedure is. I have also read from www.squid.org but all is not good. Every time I start the squid service it says failed. Can anyone tell me from the beginning how to set up a proxy server for my lab? The server on which I want to start the squid server is 192.168.200.1/255.255.255.0 and I want to give access to all computers from 192.168.0.1-192.168.0.255/255.255.255.0.
thanks in advance


-----


Aug 10th, 2005
your /etc/squid/squid.conf is probably misconfigured and
at a minimum should contain:

1] add your domain to the acl (access control lists) below the default entry
"acl CONNECT method CONNECT" line like so: [use the CIDR instead of the subnetmask]
(remember allow first then deny last)

acl yourdomainshortname src 192.168.0.0/24
acl yourdomainshortname src .yourdomain.com

you should be able to use this to refer to later in the file now...

2] search further down in the file for the line that looks like:
"INSERT YOUR OWN RULES HERE" add the following line under the
localhost rule: (refer to the items in 1] above)

http_access allow yourdomainshortname


restart squid
I believe that squid uses port 3128 by default.
to test this you can configure a browser and point it at your proxy server

troubleshooting: [do this on the proxy server]

'tail -f /var/log/messages' in a separate bash window while restarting squid
'tail -f /var/log/squid/access.log' in a separate bash window while
attempting connections to the proxy server. watch the output for
success & failure.

double check iptables to ensure that it isn't running a conflicting firewall
'service iptables status' if iptables is running
you can temporarily disable it and restart squid and then test again:
'service iptables stop'
In the long run you should probably configure iptables to allow, deny,
drop and log traffic as appropriate for the given ports/services that you require.

ensure that /etc/hosts is set up correctly and there are separate entries
for localhost and your system like so:

127.0.0.1 localhost localhost.localdomain
192.168.0.x proxyserver proxyserver.yourdomain.com wwx.youretcdomain.com

/etc/hosts.allow & /etc/hosts.deny can also present conflicts. ensure
that they don't.

you can also test a given port on the localhost with telnet to see if you
are allowed to connect at all:
'telnet localhost 3128' and see if you're even allowed to connect
run the following command to check a given port
'netstat -n | grep 3128' (or any other port)

make sure you can resolve yourself and other machines in dns by using
'dig' or 'nslookup' to avoid the obvious...

enjoy & happy troubleshooting..
Cain
I used up all my money on you baby...
... and I want it BACK.
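
An added example, not part of the original post or of Squid itself: a shell check for the ordering the answer describes (acl defined, then http_access allow for it, with deny all last). It also flags "http_access allow all", which would leave the proxy open to any client. The ACL name "lab" and the sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example. check_squid_access FILE ACLNAME
# Returns 0 only if ACLNAME is defined, allowed, and the allow line
# comes before the first "http_access deny all".
check_squid_access() {
    awk -v acl="$2" '
        NF == 0 || $1 ~ /^#/ { next }                 # skip blanks and comments
        $1 == "acl" && $2 == acl && !def_ln { def_ln = NR }
        $1 != "http_access" { next }
        $2 == "allow" && $3 == "all" { open_ln = NR }
        $2 == "allow" && $3 == acl && !allow_ln { allow_ln = NR }
        $2 == "deny"  && $3 == "all" && !deny_ln { deny_ln = NR }
        END {
            if (open_ln)           msg = "allow all on line " open_ln " (open proxy)"
            else if (!def_ln)      msg = "acl " acl " is not defined"
            else if (!allow_ln)    msg = "no http_access allow " acl
            else if (def_ln > allow_ln) msg = "acl " acl " used before it is defined"
            else if (!deny_ln)     msg = "no http_access deny all"
            else if (deny_ln < allow_ln)
                msg = "deny all (line " deny_ln ") precedes allow (line " allow_ln ")"
            if (msg) { print "FAIL: " msg; exit 1 }
            print "OK: " acl " allowed on line " allow_ln ", deny all on line " deny_ln
        }' "$1"
}

# Constructed sample configs (not from the page) for the asker's 192.168.0.0/24 LAN.
write_sample() {   # write_sample good|bad FILE
    {
        echo "acl all src 0.0.0.0/0.0.0.0"
        echo "acl localhost src 127.0.0.1/255.255.255.255"
        echo "acl lab src 192.168.0.0/24"
        [ "$1" = bad ] && echo "http_access deny all"   # deny placed too early
        echo "http_access allow localhost"
        echo "http_access allow lab"
        echo "http_access deny all"
    } > "$2"
}

tmp=$(mktemp -d)
write_sample good "$tmp/good.conf"; write_sample bad "$tmp/bad.conf"
check_squid_access "$tmp/good.conf" lab
check_squid_access "$tmp/bad.conf" lab || true
rm -rf "$tmp"
```

To use it on a real server, call check_squid_access /etc/squid/squid.conf with your own ACL name before restarting squid.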
