have you got a similar statement in sqid.conf
SQUID Frequently Asked Questions: Troubleshooting
10.22 FATAL: ipcache_init: DNS name lookup tests failed
Squid normally tests your system's DNS configuration before it starts server requests. Squit tries to resolve some common DNS names, as defined in the dns_testnames configuration directive. If Squid cannot resolve these names, it could mean that your DNS nameserver is unreachable or not running, or your /etc/resolv.conf file may contain incorrect information.
To disable this feature, use the -D command line option.
Note, Squid does NOT use the dnsservers to test the DNS. The test is performed internally, before the dnsservers start.
I have given up for today. Spent two solid days on it so far and I think I'm just going round in circles.
I think tomorrow I'll start completely afresh, even down to reinstalling the OS.
What think you all about the OS, is Ubuntu a problem and should I simply go with a Debian build? Or should Ubuntu server be OK?
Ubuntu server should be fine. I'd get squid going on its own first. May be worth investing in the o'reilly "squid book", it's the dogs.
I am running 2 Squid/DG proxies at the school I work at.
They are both running on Ubuntu 8.04 Server. They work great.
But I am no expert at ubuntu or linux and it takes me AAAAAAAAGES (about a week if I'm not busy) to configure them to fully work with AD and NTLM. It mainly takes me so long as I just collect info from google searches and slowly make things operational... and forget to write down what I've done as that slows me down even more hahaha
I will help all I can with any questions you have (and give any config files you might need etc) - if I can remember from when I did it
Your offer is very kind and I may make use of it.
I've just reinstalled Ubuntu and I'm about to start a reinstall of Squid and DG. If you have working Squid and DG config files I'd welcome having copies if only to look at to see what I need to do. PM me and I'll give you my email address.
I'm now a whole heap further on than I was yesterday - squid is running, I haven't yet installed DG as I was concentrating on squid first. However - having joined the server to the domain and setting up squid with ntlm auth I have a problem - a password dialogue pops up in all browsers and none of our usernames / passwords are being recognized. All kinit and wbinfo responses are as expected and are OK. Any ideas?
This is my squid.conf file:
Is there anything wrong with this?[auth_param]
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 24
auth_param ntlm keep_alive on
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 24
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
acl ntlm_auth proxy_auth REQUIRED
http_access allow ntlm_auth
dhicks (9th April 2010)
edit: on second glances, I left the basic authenticators commented out - i just have the 3 lines for NTLM auth ..not 100% what difference that will be making to your setup?
Last edited by ind1ekid; 9th April 2010 at 01:54 PM.
There are currently 1 users browsing this thread. (0 members and 1 guests)