Hello, I am a first time user of Squid.
I think its great and I want to get a certificate or something that supports that I can fully operate Squid.
But thats now where my question is about.
My question is about my config.
My /etc/squid/squid.conf file Is written by myself. And I think I made a mistake somewere since when I start Squid it crashes.
It might be important that I run GNU/Linux with Gentoo 2007.0 with my own Configured Kernel. So that might be a problem.
Anywho my configuration is like this..
#Used Doc http://www.visolve.com/squid/squid26/contents.php
cache_mem 75 MB
cache_dir ufs /var/cache/squid 500 16 256
maximun_object_size 102400 KB
acl WAN src 192.168.24.0/255.255.255.0
acl LAN src 192.168.42.0/255.255.255.0
acl all src 0.0.0.0/0.0.0.0
acl busness_hours time M T W H F 8:30-18:00
acl break_time time M T W H F 11:00-14:00
acl BadSites dstdomain "/usr/local/etc/restricted-sites.squid"
acl BadWords url_regex -i "/usr/local/etc/restricted-keywords.squid"
acl BadFiles urlpath_regex -i "/usr/local/etc/restricted-files.squid"
acl ftp proto FTP
acl http proto HTTP
acl ssl proto SSL
acl ssh_port port 22 443 10000
acl Admin-IP src "/usr/local/etc/Admin-IP.squid"
acl Admin-MAC arp "/usr/local/etc/Admin-MAC.squid"
acl User-IP src "/usr/local/etc/User-IP.squid"
acl User-MAC arp "/usr/local/etc/User-MAC.squid"
allow ssh_ports LAN CONNECT
deny !USer-IP !Admin-IP
deny !User-MAC !Admin-MAC
deny !break_time BadSites User-IP
deny !break_time BadWords User-IP
deny !break_time BadFiles User-IP
allow User-IP business-hours
I think I made some mistakes in the laws part.
And well the Admin-IP thing is made this way since the IP's in that file chance..
People have to logon to the PC before they have access to the Inet..
This is done since this is a Firewall box only (Squid + Snort + IPtables)
Well, can somebody tell me what Ive done wrong? :(
And, well what books shall I buy to learn Squid. Since it really looks like a promising project.
I think I want to get a certificate or something for it. (As do I want one for Snort, wireshark, iptables.)
But anywho, that aside. What have I done wrong :(
And how can I fix.
THanks already alot! (only for reading ;))