Ubuntu – configure Squid3 proxy server on Ubuntu with caching and logging


I have a ubuntu 11.10 machine.
Installed Squid3.
When i configure the squid as http_access allow all, everything works fine.
my current configuration mostly default is as follows:

2012/09/10 13:19:57| Processing Configuration File: /etc/squid3/squid.conf (depth 0)
2012/09/10 13:19:57| Processing: acl manager proto cache_object
2012/09/10 13:19:57| Processing: acl localhost src ::1
2012/09/10 13:19:57| Processing: acl to_localhost dst ::1
2012/09/10 13:19:57| Processing: acl SSL_ports port 443
2012/09/10 13:19:57| Processing: acl Safe_ports port 80     # http
2012/09/10 13:19:57| Processing: acl Safe_ports port 21     # ftp
2012/09/10 13:19:57| Processing: acl Safe_ports port 443        # https
2012/09/10 13:19:57| Processing: acl Safe_ports port 70     # gopher
2012/09/10 13:19:57| Processing: acl Safe_ports port 210        # wais
2012/09/10 13:19:57| Processing: acl Safe_ports port 1025-65535 # unregistered ports
2012/09/10 13:19:57| Processing: acl Safe_ports port 280        # http-mgmt
2012/09/10 13:19:57| Processing: acl Safe_ports port 488        # gss-http
2012/09/10 13:19:57| Processing: acl Safe_ports port 591        # filemaker
2012/09/10 13:19:57| Processing: acl Safe_ports port 777        # multiling http
2012/09/10 13:19:57| Processing: acl CONNECT method CONNECT
2012/09/10 13:19:57| Processing: http_access allow manager localhost
2012/09/10 13:19:57| Processing: http_access deny manager
2012/09/10 13:19:57| Processing: http_access deny !Safe_ports
2012/09/10 13:19:57| Processing: http_access deny CONNECT !SSL_ports
2012/09/10 13:19:57| Processing: http_access allow localhost
2012/09/10 13:19:57| Processing: http_access deny all
2012/09/10 13:19:57| Processing: http_port 3128
2012/09/10 13:19:57| Processing: coredump_dir /var/spool/squid3
2012/09/10 13:19:57| Processing: refresh_pattern ^ftp:      1440    20% 10080
2012/09/10 13:19:57| Processing: refresh_pattern ^gopher:   1440    0%  1440
2012/09/10 13:19:57| Processing: refresh_pattern -i (/cgi-bin/|\?) 0    0%  0
2012/09/10 13:19:57| Processing: refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
2012/09/10 13:19:57| Processing: refresh_pattern .      0   20% 4320
2012/09/10 13:19:57| Processing: http_access allow all
2012/09/10 13:19:57| Processing: cache_mem 512 MB
2012/09/10 13:19:57| Processing: logformat squid3 %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru
2012/09/10 13:19:57| Processing: access_log /home/panshul/squidCache/log/access.log squid3

The problem starts when I enable the following line:

access_log /home/panshul/squidCache/log/access.log

I start to get proxy server is refusing connections error in the browser.
on commenting out the above line in my config, things go back to normal.

The second problem starts when i add the following line to my config:

cache_dir ufs /home/panshul/squidCache/cache 100 16 256

The squid server fails to start.

Any suggestions what am I missing in the config. Please help.!!

Best Answer

The default configuration of squid on a Debian/Ubuntu system is going to run as the user/group proxy/proxy.

The simplist, and most likely explaination for your problem is that squid doesn't have write access to that folder with the privileges it has as the user proxy.

Unless you have a really good reason, you should probably just leave the logging and cache to the default locations of /var/log/squid3/ and /var/spool/squid3/ which have the permissions setup properly.

Related Topic