Chapter 33. The Proxy Server Squid / 33.3. Starting Squid | ||||
|---|---|---|---|---|
 | 33.2. System Requirements | 33.4. The Configuration File /etc/squid/squid.conf |  | |
Chapter 33. The Proxy Server Squid / 33.3. Starting Squid | ||||
|---|---|---|---|---|
| 33.2. System Requirements | 33.4. The Configuration File /etc/squid/squid.conf | | |
Squid is already preconfigured in SUSE LINUX, so
you can start it right after the installation. To ensure a smooth start-up,
the network should be configured in such a way that at least one name
server and the Internet can be reached. Problems can arise if a dial-up connection is used with a
dynamic DNS configuration. In cases such as this, at least the name server
should be clearly entered, because Squid does not
start if it does not detect a DNS server in
/etc/resolv.conf.
To start Squid, enter
rcsquid start at the command line
as root. For the initial start-up,
the directory structure must first be defined in
/var/squid/cache. This is done by the start script
/etc/init.d/squid automatically and can take a few
seconds or even minutes. If done appears to the right in
green, Squid has been successfully loaded. To
test the functionality of Squid on the local system,
enter localhost as the proxy and 3128 as
the port in the browser.
To allow all users to access Squid and, through
it, the Internet, change the entry in the configuration file
/etc/squid/squid.conf from http_access deny
all to http_access allow all. However, in
doing so, consider that Squid is made completely
accessible to anyone by this action. Therefore, define ACLs that control
access to the proxy. More information about this is available in
Section 33.4.2, “Options for Access Controls”.
After modifying the configuration file
/etc/squid/squid.conf,
Squid must reload the configuration file.
Do this with
rcsquid reload. Alternatively,
completely restart Squid with
rcsquid restart.
The command
rcsquid status
can be used to check if the proxy is running. The command
rcsquid stop causes
Squid to shut down. This can take a while,
because Squid waits up to half a minute
(shutdown_lifetime option in
/etc/squid/squid.conf) before dropping the connections
to the clients and writing its data to the disk.
![[Warning]](admon/warning.png) | Terminating Squid |
|---|---|
Terminating Squid with kill or killall can damage the cache. To be able to restart Squid, the damaged cache must be deleted. | |
If Squid dies after a short period of time even
though it was started successfully, check whether there is a faulty name
server entry or whether the /etc/resolv.conf file is
missing. Squid logs the cause of a start-up
failure in the file /var/squid/logs/cache.log. If
Squid should be loaded automatically when the
system boots, use the YaST runlevel editor to activate
Squid for the desired runlevels.
See Section 2.7.7, “System Services (Runlevel)”.
An uninstall of Squid does not remove the cache
hierarchy or the log files. To remove these, delete the
/var/cache/squid directory manually.
Setting up a local DNS server makes sense even if it does not manage its own domain. It then simply acts as a caching-only name server and is also able to resolve DNS requests via the root name servers without requiring any special configuration (see Section 24.2, “Starting the Name Server BIND”). How this can be done depends on whether you chose dynamic DNS during the configuration of the Internet connection.
Normally, with dynamic DNS, the DNS server is set by the provider during
the establishment of the Internet connection and the local file
/etc/resolv.conf is adjusted automatically. This
behavior is achieved by way of the sysconfig variable MODIFY_RESOLV_CONF_DYNAMICALLY, which is
set to YES. Set this variable
to NO with the YaST
sysconfig editor (see Section 7.8, “The YaST sysconfig Editor”). Then
enter the local DNS server in the file
/etc/resolv.conf with the IP address 127.0.0.1 for localhost. This way Squid can always
find the local name server when it starts.
To make the provider's name server accessible, enter it
in the configuration file /etc/named.conf under
forwarders along with its IP address. With
dynamic DNS, this can be achieved automatically during connection
establishment by setting the sysconfig variable MODIFY_NAMED_CONF_DYNAMICALLY to
YES.
With static DNS, no automatic DNS adjustments take place while
establishing a
connection, so there is no need to change any
sysconfig variables. You must, however, enter the local DNS
server in the file
/etc/resolv.conf as described above.
Additionally, the providers static name server must be entered manually
in the file /etc/named.conf under
forwarders along with its IP address.
![[Tip]](admon/tip.png) | DNS and Firewall |
|---|---|
If you have a firewall running, make sure DNS requests can pass it. | |
