Squid 2.7 will nicht starten es kommt immer der Fehler using old syntax
Squid 2.7 will nicht starten es kommt immer der Fehler using old syntax
Ich habe das Problem das er das Script nicht starten will weil er sagt ich würde eine veraltete Syntax benutzen.
Obwohl ich mich am Howto für 2.7 orientiert habe finde ich den/die Fehler nicht. Ich hoffe das jemand Rat weiß.
Mir ist einfach nicht klar wie ich die versionsunterschiede debuggen soll in der Fehlermeldung steht nix brauchbares drin :/
Hier ist meine Squid.conf.
#!/bin/bash
#Proxy Authentifizierung an Win Domäne
#---------------------------------------------------------------------------
auth_param basic program /usr/lib/squid/msnt_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive on
authenticate_cache_garbage_interval 1 hour
authenticate_ttl 1 hour
authenticate_ip_ttl 0 seconds
#---------------------------------------------------------------------------
#Access Control Lists ACLs
#---------------------------------------------------------------------------
acl manager proto cache_object
acl Safe_ports port 80 # http
acl Safe_ports port 20 # ftp
acl FTP_Ports port 20 # ftp
acl Safe_ports port 21 # ftp
acl FTP_Ports port 21 # ftp
acl Safe_ports port 25 # smtp
acl Safe_ports port 53 # DNS
acl Safe_ports port 443 # https
acl Safe_ports port 546 # dhcpv6 client
acl Safe_ports port 547 # dhcpv6 server
acl Safe_ports port 1701 # vpn tunnel
acl Safe_ports port 110 # pop3
acl Safe_ports port 143 # IMAP
acl Safe_ports port 993 # IMAP mit SSL
acl Safe_ports port 995 # pop3 mit SSL
acl Safe_ports port 3389 # RDP Microsoft
acl connect method CONNECT
acl all src 0.0.0.0/0.0.0.0
acl localhost 127.0.0.1/32
acl our_networks src 192.168.1.0/24
acl auth_users proxy_auth REQUIRED
acl ftp_users proxy_auth user1 user2 user.....
http_access allow ^our_networks auth_users
http_access deny !FTP_Ports
acl SSL_Ports port 443 993 995
#http_reply_access allow all
http_access deny !Safe_ports
#---------------------------------------------------------------------------
#Network options
#---------------------------------------------------------------------------
http_port 3128
acl icp_access deny all
#Firewall:3128
##192.168.1.3
#https_port 8080
#---------------------------------------------------------------------------
#TOS Value
#---------------------------------------------------------------------------
#tcp_outgoing_tos none
#tcp_outgoing_address off
#zph_mode off
#zph_local off
#zph_sibling off
#zph_parent off
#zph_option off
#---------------------------------------------------------------------------
#Options for Cache Hierarchy / Neighbours
#---------------------------------------------------------------------------
#cache_peer none
#cache_peer_domain none
#cache_peer_access none
#neighbou_type_domain none
dead_peer_timeout 10 seconds
hierarchy_stoplist cgi-bin ?
#---------------------------------------------------------------------------
#Memory Cache Options
#---------------------------------------------------------------------------
cache_mem 12 MB
maximum_object_size_in_memory 6144 KB
memory_replacement_policy heap LFUDA
#---------------------------------------------------------------------------
#Disk Cache Options
#---------------------------------------------------------------------------
cache_replacement_policy heap LFUDA
cache_dir diskd 200 32 512 /var/spool/squid #L1 L2 [Q1=64] [Q2=72]
store_dir_select_algorithm least-load
max_open_disk_fds 0
minimum_object_size 0 KB
maximum_object_size 20480 KB
cache_swap_low 90
cache_swap_high 95
update_headers on
#---------------------------------------------------------------------------
#Logfile options
#---------------------------------------------------------------------------
logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %st %rm %ru %un %Sh/%<A %mt
access_log /var/log/squid/access.log squid
cache_store_log none
cache_swap_state none
logfile_rotate 0
emulate_httpd_log off
log_ip_on_direct on
mime_table /usr/share/squid/mime.conf
log_mime_hdrs on
useragent_log none
referer_log none
pid_filename /var/run/squid.pid
debug_options ALL,1 78,9
log_fqdn on
client_netmask 255.255.255.0
forward_log on
strip_query_terms on
buffered_logs off
netdb_filename /var/spool/squid/logs/netdb.state
#---------------------------------------------------------------------------
#Options for Ftp Gatewaying
#---------------------------------------------------------------------------
ftp_user Squid@
ftp_list_width 32
ftp_passive off
ftp_sanitycheck on
ftp_telnet_protocoll off
#---------------------------------------------------------------------------
#Options for External Support Programs
#---------------------------------------------------------------------------
diskd_program /usr/lib/squid/diskd-daemon unlinkd_program /usr/lib/squid/unlinkd
pinger_program /usr/lib/squid/pinger
storeurl_rewrite_program none
url_rewrite_program none
#---------------------------------------------------------------------------
#Options for Tuning the Cache
#---------------------------------------------------------------------------
cache none
max_stale 1 week
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880
refresh_pattern . 1440 90% 10080
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
read_ahead_gap 16 KB
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 1 minute
range_offset_limit 0 KB
minimum_expiry_time 60 seconds
store_avg_object_size 13 KB
store_objects_per_bucket 20
request_header_max_size 20 KB
reply_header_max_size 20 KB
request_body_max_size 0 KB
broken_posts none
acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]
upgrade_http0.9 deny shoutcast
via on
cache_vary on
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
collapsed_forwarding off
refresh_stale_hit 0 seconds
ie_refresh off
vary_ignore_expire off
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
request_entities off
header_access none
header_replace none
relaxed_header_parser on
server_http11 off
ignore_expect_100 off
external_refresh_check none
forward_timeout 4 minutes
connect_timeout 1 minute
peer_connect_timeout 30 seconds
read_timeout 15 minutes
request_timeout 5 minutes
persistent_request_timeout 2 minutes
client_lifetime 1 Day
half_closed_clients off
pconn_timeout 1 minute
ident_timeout 10 seconds
shutdown_lifetime 30 seconds
#---------------------------------------------------------------------------
#Administrative Options
#---------------------------------------------------------------------------
cache_mgr email Adresse
#Postfix muss noch konfiguriert werden
mail_from postfix@firewall.baerchen.test.de
mail_program postfix #need more setup
cache_effective_user squid
cache_effective_group none
httpd_suppress_version_string on
visible_hostname none
unique_hostname Firewall
hostname_aliases none
umask 027
#---------------------------------------------------------------------------
#Options for Cache Registration Service
#---------------------------------------------------------------------------
announce_period none
httpd_accel_no_pmtu_disc off
#---------------------------------------------------------------------------
#Delay Pools Parameters
#---------------------------------------------------------------------------
delay_pools 0 #(Bandbreitenbegrenzung)
delay_class none
delay_access none
delay_parameters none
delay_initial_bucket_level none
#---------------------------------------------------------------------------
#WCCP Configuration Options
#---------------------------------------------------------------------------
wccp_router 0.0.0.0 # für Cisco Router daher abgeschaltet
wccp_version 4
wccp2_rebuild_wait on
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_assignment_method 1
wccp2_service_standart 0
wccp2_service_info none
wccp2_weight 10000
wccp_address 0.0.0.0
wccp2_address 0.0.0.0
#---------------------------------------------------------------------------
#Persistent Connection Handling
#---------------------------------------------------------------------------
client_persistent_connection on
server_persistent_connection on
persistent_connection_after_error off
detect_broken_pconn off
#---------------------------------------------------------------------------
#Cache digest options
#---------------------------------------------------------------------------
digest_generation on
digest_bits_per_entry 5
digest_rebuild_period 1 hour
digest_rewrite_period 1 hour
digest_swapout_chunk_size 4096 bytes
digest_rebuild_chunk_percentage 10
#---------------------------------------------------------------------------
#SNMP Option (Netzwerkfähige Geräteüberwachung)
#---------------------------------------------------------------------------
snmp_port 0
snmp_access DENY ALL
snmp_incoming_address none
snmp_outgoing_address none
#---------------------------------------------------------------------------
#ICP (Zum übertragen von Informationen für Proxys untereinander)
#---------------------------------------------------------------------------
icp_port 0
htcp_port 4827 udp_incoming_address 0.0.0.0
udp_outgoing_address 255.255.255.255
icp_hit_stale off
minimum_direct_hops 4
minimum_direct_rtt 400
netdb_low 900
netdb_high 1000
netdb_ping_period 5 minutes
query_icmp on
test_reachability on
icp_query_timeout 0
maximum_icp_query_timeout 2000
minimum_icp_query_timeout 5
mcast_groups none
mcast_miss_addr 255.255.255.255
mcast_miss_ttl 16
mcast_miss_port 3135
mcast_miss_encode_key XXXXXXXXXXXXXXXX
mcast_icp_query_timeout 2000
#---------------------------------------------------------------------------
icon_directory /usr/share/squid/icons
global_internal_static on
short_icons_urls off
#---------------------------------------------------------------------------
#Error page options
#---------------------------------------------------------------------------
error_directory /usr/share/squid/errors/German
error_map none
err_html_text none
deny_info none
#---------------------------------------------------------------------------
#Optionen die Request Forwarding betreffen
#---------------------------------------------------------------------------
nonhierarchical_direct off ##acl für forwarding erwartet!!
prefer_direct off
ignore_ims_on_miss on
always_direct off
never_direct off
#---------------------------------------------------------------------------
#Advanced Networking Options
#---------------------------------------------------------------------------
max_filedescriptors 0
accept_filter data
tcp_recv_bufsize 0
incoming_rate 30
check_hostnames on
allow_underscore on
cache_dns_program /usr/lib/squid/dnsserver
dns_children 20
dns_timeout 2 minutes
dns_defnames off
dns_nameservers %%%%
hosts_file ##Hier soll er die Hosts vom Win Server beziehen
##alternativ könnte auch /etc/hosts genutzt werden was ist besser????
dns_testnames google.com microsoft.com
append_domain none
ignore_unknown_nameservers on
ipcache_size 1024
ipcache_high 95
ipcache_low 90
fqdn_cache_size 1024
#---------------------------------------------------------------------------
#Miscellanous
#---------------------------------------------------------------------------
memory_pools on
memory_pools_limit 50 MB
cachemgr_passwd xxxxx shutdown config server_list offline_toggle reconfigurereload_into_ims off
maximum_single_addr_tries 1
retry_on_error on
as_whois_server none
offline_mode off
uri_whitespace strip
coredump_dir none
chroot none
balance_on_multiple_ip on
pipeline_prefetch off
high_response_time_warning 0
high_page_fault_warning 0
high_memory_warning 128 MB
sleep_after_fork 0
zero_buffers on
windows_ipaddrchangemonitor on
Ich weis das es eine ganz Menge ist aber ich würde wirklich sehr freuen wenn sich jemand die zeit nehmen würde mir zu helfen, da mein Ausbilder leider nie Zeit für mich hat
Ich habe das Problem das er das Script nicht starten will weil er sagt ich würde eine veraltete Syntax benutzen.
Obwohl ich mich am Howto für 2.7 orientiert habe finde ich den/die Fehler nicht. Ich hoffe das jemand Rat weiß.
Mir ist einfach nicht klar wie ich die versionsunterschiede debuggen soll in der Fehlermeldung steht nix brauchbares drin :/
Hier ist meine Squid.conf.
#!/bin/bash
#Proxy Authentifizierung an Win Domäne
#---------------------------------------------------------------------------
auth_param basic program /usr/lib/squid/msnt_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive on
authenticate_cache_garbage_interval 1 hour
authenticate_ttl 1 hour
authenticate_ip_ttl 0 seconds
#---------------------------------------------------------------------------
#Access Control Lists ACLs
#---------------------------------------------------------------------------
acl manager proto cache_object
acl Safe_ports port 80 # http
acl Safe_ports port 20 # ftp
acl FTP_Ports port 20 # ftp
acl Safe_ports port 21 # ftp
acl FTP_Ports port 21 # ftp
acl Safe_ports port 25 # smtp
acl Safe_ports port 53 # DNS
acl Safe_ports port 443 # https
acl Safe_ports port 546 # dhcpv6 client
acl Safe_ports port 547 # dhcpv6 server
acl Safe_ports port 1701 # vpn tunnel
acl Safe_ports port 110 # pop3
acl Safe_ports port 143 # IMAP
acl Safe_ports port 993 # IMAP mit SSL
acl Safe_ports port 995 # pop3 mit SSL
acl Safe_ports port 3389 # RDP Microsoft
acl connect method CONNECT
acl all src 0.0.0.0/0.0.0.0
acl localhost 127.0.0.1/32
acl our_networks src 192.168.1.0/24
acl auth_users proxy_auth REQUIRED
acl ftp_users proxy_auth user1 user2 user.....
http_access allow ^our_networks auth_users
http_access deny !FTP_Ports
acl SSL_Ports port 443 993 995
#http_reply_access allow all
http_access deny !Safe_ports
#---------------------------------------------------------------------------
#Network options
#---------------------------------------------------------------------------
http_port 3128
acl icp_access deny all
#Firewall:3128
##192.168.1.3
#https_port 8080
#---------------------------------------------------------------------------
#TOS Value
#---------------------------------------------------------------------------
#tcp_outgoing_tos none
#tcp_outgoing_address off
#zph_mode off
#zph_local off
#zph_sibling off
#zph_parent off
#zph_option off
#---------------------------------------------------------------------------
#Options for Cache Hierarchy / Neighbours
#---------------------------------------------------------------------------
#cache_peer none
#cache_peer_domain none
#cache_peer_access none
#neighbou_type_domain none
dead_peer_timeout 10 seconds
hierarchy_stoplist cgi-bin ?
#---------------------------------------------------------------------------
#Memory Cache Options
#---------------------------------------------------------------------------
cache_mem 12 MB
maximum_object_size_in_memory 6144 KB
memory_replacement_policy heap LFUDA
#---------------------------------------------------------------------------
#Disk Cache Options
#---------------------------------------------------------------------------
cache_replacement_policy heap LFUDA
cache_dir diskd 200 32 512 /var/spool/squid #L1 L2 [Q1=64] [Q2=72]
store_dir_select_algorithm least-load
max_open_disk_fds 0
minimum_object_size 0 KB
maximum_object_size 20480 KB
cache_swap_low 90
cache_swap_high 95
update_headers on
#---------------------------------------------------------------------------
#Logfile options
#---------------------------------------------------------------------------
logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %st %rm %ru %un %Sh/%<A %mt
access_log /var/log/squid/access.log squid
cache_store_log none
cache_swap_state none
logfile_rotate 0
emulate_httpd_log off
log_ip_on_direct on
mime_table /usr/share/squid/mime.conf
log_mime_hdrs on
useragent_log none
referer_log none
pid_filename /var/run/squid.pid
debug_options ALL,1 78,9
log_fqdn on
client_netmask 255.255.255.0
forward_log on
strip_query_terms on
buffered_logs off
netdb_filename /var/spool/squid/logs/netdb.state
#---------------------------------------------------------------------------
#Options for Ftp Gatewaying
#---------------------------------------------------------------------------
ftp_user Squid@
ftp_list_width 32
ftp_passive off
ftp_sanitycheck on
ftp_telnet_protocoll off
#---------------------------------------------------------------------------
#Options for External Support Programs
#---------------------------------------------------------------------------
diskd_program /usr/lib/squid/diskd-daemon unlinkd_program /usr/lib/squid/unlinkd
pinger_program /usr/lib/squid/pinger
storeurl_rewrite_program none
url_rewrite_program none
#---------------------------------------------------------------------------
#Options for Tuning the Cache
#---------------------------------------------------------------------------
cache none
max_stale 1 week
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880
refresh_pattern . 1440 90% 10080
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
read_ahead_gap 16 KB
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 1 minute
range_offset_limit 0 KB
minimum_expiry_time 60 seconds
store_avg_object_size 13 KB
store_objects_per_bucket 20
request_header_max_size 20 KB
reply_header_max_size 20 KB
request_body_max_size 0 KB
broken_posts none
acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]
upgrade_http0.9 deny shoutcast
via on
cache_vary on
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
collapsed_forwarding off
refresh_stale_hit 0 seconds
ie_refresh off
vary_ignore_expire off
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
request_entities off
header_access none
header_replace none
relaxed_header_parser on
server_http11 off
ignore_expect_100 off
external_refresh_check none
forward_timeout 4 minutes
connect_timeout 1 minute
peer_connect_timeout 30 seconds
read_timeout 15 minutes
request_timeout 5 minutes
persistent_request_timeout 2 minutes
client_lifetime 1 Day
half_closed_clients off
pconn_timeout 1 minute
ident_timeout 10 seconds
shutdown_lifetime 30 seconds
#---------------------------------------------------------------------------
#Administrative Options
#---------------------------------------------------------------------------
cache_mgr email Adresse
#Postfix muss noch konfiguriert werden
mail_from postfix@firewall.baerchen.test.de
mail_program postfix #need more setup
cache_effective_user squid
cache_effective_group none
httpd_suppress_version_string on
visible_hostname none
unique_hostname Firewall
hostname_aliases none
umask 027
#---------------------------------------------------------------------------
#Options for Cache Registration Service
#---------------------------------------------------------------------------
announce_period none
httpd_accel_no_pmtu_disc off
#---------------------------------------------------------------------------
#Delay Pools Parameters
#---------------------------------------------------------------------------
delay_pools 0 #(Bandbreitenbegrenzung)
delay_class none
delay_access none
delay_parameters none
delay_initial_bucket_level none
#---------------------------------------------------------------------------
#WCCP Configuration Options
#---------------------------------------------------------------------------
wccp_router 0.0.0.0 # für Cisco Router daher abgeschaltet
wccp_version 4
wccp2_rebuild_wait on
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_assignment_method 1
wccp2_service_standart 0
wccp2_service_info none
wccp2_weight 10000
wccp_address 0.0.0.0
wccp2_address 0.0.0.0
#---------------------------------------------------------------------------
#Persistent Connection Handling
#---------------------------------------------------------------------------
client_persistent_connection on
server_persistent_connection on
persistent_connection_after_error off
detect_broken_pconn off
#---------------------------------------------------------------------------
#Cache digest options
#---------------------------------------------------------------------------
digest_generation on
digest_bits_per_entry 5
digest_rebuild_period 1 hour
digest_rewrite_period 1 hour
digest_swapout_chunk_size 4096 bytes
digest_rebuild_chunk_percentage 10
#---------------------------------------------------------------------------
#SNMP Option (Netzwerkfähige Geräteüberwachung)
#---------------------------------------------------------------------------
snmp_port 0
snmp_access DENY ALL
snmp_incoming_address none
snmp_outgoing_address none
#---------------------------------------------------------------------------
#ICP (Zum übertragen von Informationen für Proxys untereinander)
#---------------------------------------------------------------------------
icp_port 0
htcp_port 4827 udp_incoming_address 0.0.0.0
udp_outgoing_address 255.255.255.255
icp_hit_stale off
minimum_direct_hops 4
minimum_direct_rtt 400
netdb_low 900
netdb_high 1000
netdb_ping_period 5 minutes
query_icmp on
test_reachability on
icp_query_timeout 0
maximum_icp_query_timeout 2000
minimum_icp_query_timeout 5
mcast_groups none
mcast_miss_addr 255.255.255.255
mcast_miss_ttl 16
mcast_miss_port 3135
mcast_miss_encode_key XXXXXXXXXXXXXXXX
mcast_icp_query_timeout 2000
#---------------------------------------------------------------------------
icon_directory /usr/share/squid/icons
global_internal_static on
short_icons_urls off
#---------------------------------------------------------------------------
#Error page options
#---------------------------------------------------------------------------
error_directory /usr/share/squid/errors/German
error_map none
err_html_text none
deny_info none
#---------------------------------------------------------------------------
#Optionen die Request Forwarding betreffen
#---------------------------------------------------------------------------
nonhierarchical_direct off ##acl für forwarding erwartet!!
prefer_direct off
ignore_ims_on_miss on
always_direct off
never_direct off
#---------------------------------------------------------------------------
#Advanced Networking Options
#---------------------------------------------------------------------------
max_filedescriptors 0
accept_filter data
tcp_recv_bufsize 0
incoming_rate 30
check_hostnames on
allow_underscore on
cache_dns_program /usr/lib/squid/dnsserver
dns_children 20
dns_timeout 2 minutes
dns_defnames off
dns_nameservers %%%%
hosts_file ##Hier soll er die Hosts vom Win Server beziehen
##alternativ könnte auch /etc/hosts genutzt werden was ist besser????
dns_testnames google.com microsoft.com
append_domain none
ignore_unknown_nameservers on
ipcache_size 1024
ipcache_high 95
ipcache_low 90
fqdn_cache_size 1024
#---------------------------------------------------------------------------
#Miscellanous
#---------------------------------------------------------------------------
memory_pools on
memory_pools_limit 50 MB
cachemgr_passwd xxxxx shutdown config server_list offline_toggle reconfigurereload_into_ims off
maximum_single_addr_tries 1
retry_on_error on
as_whois_server none
offline_mode off
uri_whitespace strip
coredump_dir none
chroot none
balance_on_multiple_ip on
pipeline_prefetch off
high_response_time_warning 0
high_page_fault_warning 0
high_memory_warning 128 MB
sleep_after_fork 0
zero_buffers on
windows_ipaddrchangemonitor on
Ich weis das es eine ganz Menge ist aber ich würde wirklich sehr freuen wenn sich jemand die zeit nehmen würde mir zu helfen, da mein Ausbilder leider nie Zeit für mich hat
Bitte markiere auch die Kommentare, die zur Lösung des Beitrags beigetragen haben
Content-ID: 156060
Url: https://administrator.de/contentid/156060
Ausgedruckt am: 22.11.2024 um 20:11 Uhr