+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
*nix Thread, Squid WARNING in Technical; I'm getting the following: WARNING: you should probably remove 'DOMAIN NAME HERE' from the ACL named squid (repeated for however ...
  1. #1

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241

    Squid WARNING

    I'm getting the following:

    WARNING: you should probably remove 'DOMAIN NAME HERE' from the ACL named squid
    (repeated for however many domains I have in the ACL)

    Whenever I try to do a squid -k rotate

    Any ideas?

  2. #2

    Join Date
    Oct 2007
    Location
    Lincolnshire
    Posts
    133
    Thank Post
    0
    Thanked 22 Times in 22 Posts
    Rep Power
    18
    It sounds like your acl definitions in squid.conf have some unwanted text. If you post your squid.conf (or the relevant part) I'll have a look.
    Last edited by keithu; 6th April 2009 at 12:52 PM. Reason: typo

  3. #3

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Cheers - here's the conf file. Not sure whats bits you need so here's the whole lot. (had to zip it to upload it)

  4. #4

    Join Date
    Oct 2007
    Location
    Lincolnshire
    Posts
    133
    Thank Post
    0
    Thanked 22 Times in 22 Posts
    Rep Power
    18
    That looks okay to me. You're including a file called "/var/www/allowedsites" which might contain the problem lines. What's in there?

  5. #5

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Just the sites that we allow access to (see attached).

  6. #6

    Join Date
    Oct 2007
    Location
    Lincolnshire
    Posts
    133
    Thank Post
    0
    Thanked 22 Times in 22 Posts
    Rep Power
    18
    I think this line in squid.conf is the problem:

    access_log /var/log/squid3/access.log squid

    You need to take 'squid' off the end. It's interpreting 'squid' as the name of an acl which you haven't defined.

  7. #7

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Just tried that and it didn't work - same warning

  8. #8

    Join Date
    Oct 2007
    Location
    Lincolnshire
    Posts
    133
    Thank Post
    0
    Thanked 22 Times in 22 Posts
    Rep Power
    18
    I can't see anything else wrong at the moment. Did you reload the squid config file? You have to either stop and restart squid or do a 'squid -k reconfigure'.

  9. #9

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Quote Originally Posted by keithu View Post
    I can't see anything else wrong at the moment. Did you reload the squid config file? You have to either stop and restart squid or do a 'squid -k reconfigure'.
    Yeah, I did a sudo /etc/init.d/squid3 restart and as soon as squid started up again it gave the same list of warnings.

  10. #10

    Join Date
    Oct 2007
    Location
    Lincolnshire
    Posts
    133
    Thank Post
    0
    Thanked 22 Times in 22 Posts
    Rep Power
    18
    uuh

    How about if you run 'squid -k parse'

    That should check the config file and spit out the bits it doesn't like.

  11. #11

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Just gives me the warnings as before. Here's an example:

    Code:
    2009/04/06 14:38:40| WARNING: You should probably remove '.teachit.co.uk' from t                                                                             he ACL named 'allowedsites'
    2009/04/06 14:38:40| WARNING: '.teachit.co.uk' is a subdomain of '.teachit.co.uk                                                                             '
    2009/04/06 14:38:40| WARNING: because of this '.teachit.co.uk' is ignored to kee                                                                             p splay tree searching predictable
    2009/04/06 14:38:40| WARNING: You should probably remove '.teachit.co.uk' from t                                                                             he ACL named 'allowedsites'
    2009/04/06 14:38:40| WARNING: '.bbc.co.uk' is a subdomain of '.bbc.co.uk'
    2009/04/06 14:38:40| WARNING: because of this '.bbc.co.uk' is ignored to keep sp                                                                             lay tree searching predictable
    2009/04/06 14:38:40| WARNING: You should probably remove '.bbc.co.uk' from the A                                                                             CL named 'allowedsites'
    2009/04/06 14:38:40| WARNING: '.bbc.co.uk' is a subdomain of '.bbc.co.uk'
    2009/04/06 14:38:40| WARNING: because of this '.bbc.co.uk' is ignored to keep sp                                                                             lay tree searching predictable
    2009/04/06 14:38:40| WARNING: You should probably remove '.bbc.co.uk' from the A                                                                             CL named 'allowedsites'
    2009/04/06 14:38:40| WARNING: '.wikipedia.org' is a subdomain of '.en.wikipedia.                                                                             org'
    2009/04/06 14:38:40| WARNING: because of this '.en.wikipedia.org' is ignored to                                                                              keep splay tree searching predictable
    2009/04/06 14:38:40| WARNING: You should probably remove '.wikipedia.org' from t                                                                             he ACL named 'allowedsites'
    2009/04/06 14:38:40| WARNING: '.wikipedia.org' is a subdomain of '.en.wikipedia.                                                                             org'
    2009/04/06 14:38:40| WARNING: because of this '.en.wikipedia.org' is ignored to                                                                              keep splay tree searching predictable
    2009/04/06 14:38:40| WARNING: You should probably remove '.wikipedia.org' from t                                                                             he ACL named 'allowedsites'
    2009/04/06 14:38:40| WARNING: '.tanfieldschool.co.uk' is a subdomain of '.marks.                                                                             tanfieldschool.co.uk'
    2009/04/06 14:38:40| WARNING: because of this '.marks.tanfieldschool.co.

  12. #12

    Join Date
    Oct 2007
    Location
    Lincolnshire
    Posts
    133
    Thank Post
    0
    Thanked 22 Times in 22 Posts
    Rep Power
    18
    You said the message was:

    "WARNING: you should probably remove 'DOMAIN NAME HERE' from the ACL named squid"

    The only problem here is that your allowed sites file has repeated entries. I've cleaned it up for you - see attached.

    You've also defined some subdomains which are already included in a larger domain. For instance, if you allow bbc.co.uk there's no point allowing news.bbc.co.uk as well since bbc.co.uk is equivalent to *.bbc.co.uk. You can either take news.bbc.co.uk out of the list or just put up with the warning message.
    Attached Files Attached Files
    Last edited by keithu; 6th April 2009 at 03:00 PM. Reason: more info

  13. #13

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Ah, sorry - I think I copied that error from a one I found on Google when I was searching for the error - as opposed to my exact error. That's a school boy error on my part.

    Is this actually stopping the logs from rotating? Or just generating a warning?

  14. #14

    Join Date
    Oct 2007
    Location
    Lincolnshire
    Posts
    133
    Thank Post
    0
    Thanked 22 Times in 22 Posts
    Rep Power
    18
    It won't stop the logs rotating. You're only seeing the warnings because when you do a 'squid -k rotate' it reloads the config.

    I'm using the logrotate daemon to rotate the logs here, rather than squid itself. I've got the following lines tacked on the end of /etc/logrotate.conf:

    # system-specific logs may be also be configured here.

    # Rotate Squid access log daily, keeping 3 weeks. Compress with gzip.

    /usr/local/squid/var/logs/access.log {
    daily
    rotate 21
    copytruncate
    #notifempty
    missingok
    compress
    }

    #keep cache.log and store.log for 2 days

    /usr/local/squid/var/logs/cache.log {
    daily
    rotate 2
    copytruncate
    #notifempty
    missingok
    compress
    }

    /usr/local/squid/var/logs/store.log {
    daily
    rotate 2
    copytruncate
    #notifempty
    missingok
    compress

    }

  15. Thanks to keithu from:

    Hightower (7th April 2009)

  16. #15

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Thanks,

    I've just added:

    Code:
    # Rotate Squid access log daily, keeping 3 weeks. Compress with gzip.
    
    /var/log/squid3/access.log {
    daily
    rotate 21
    copytruncate
    #notifempty
    missingok
    compress
    }
    
    #keep cache.log and store.log for 2 days
    
    /var/log/squid3/cache.log {
    daily
    rotate 2
    copytruncate
    #notifempty
    missingok
    compress
    }
    
    /var/log/squid3/store.log {
    daily
    rotate 2
    copytruncate
    #notifempty
    missingok
    compress
    }
    To my logrotate.conf (the locations are different for my setup for some reason). Will this start working automatically? Do I need to restart the daemon (if so how?)?

    Also, this only cleans up the squid logs - I also have SARG installed (so I can make head and tails of the logs), how would I go about rotating these so they don't build up and build up?

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Squid Transparent
    By Jackd in forum *nix
    Replies: 5
    Last Post: 10th October 2007, 02:12 PM
  2. Squid logs
    By srochford in forum How do you do....it?
    Replies: 12
    Last Post: 13th April 2007, 12:53 PM
  3. Squid authentication
    By localzuk in forum *nix
    Replies: 21
    Last Post: 14th February 2007, 08:08 AM
  4. Squid and RM proxies
    By HodgeHi in forum Wireless Networks
    Replies: 6
    Last Post: 1st November 2006, 11:02 AM
  5. Squid Screwed
    By Gatt in forum Wireless Networks
    Replies: 11
    Last Post: 10th October 2006, 02:12 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •