Just bumping it, still noone? Thanks.
Greetings,
Endre Szekely-Bencedi
GE GDC Security Leader
_____________________________________
TATA Consultancy Services - Hungary
Science Park B, 1st floor
Irinyi Jozsef utca 4-20 Budapest 1117
Tel: +36 1 886 TATA | +36 1 886 8022
Fax: +36 1 886 8001
Email: Endre.Szekely-Bencedi@hu-tcs.com
_____________________________________
"THIS E-MAIL MESSAGE ALONG WITH ANY ATTACHMENTS IS INTENDED ONLY FOR THE
ADDRESSEE and may contain confidential and privileged information. If the
reader of this message is not the intended recipient, you are notified that
any dissemination, distribution or copy of this communication is strictly
prohibited. If you have received this message by error, please notify us
immediately, return the original mail to the sender and delete the message
from your system."
----- Forwarded by Endre Szekely-Bencedi/TM/TCSHUNGARY/TCS on 09/07/2004
10:44 AM -----
|--------+---------------------------------->
| | "Endre Szekely-Bencedi" |
| | <Endre.Szekely-Bencedi@h|
| | u-tcs.com> |
| | |
| | 09/02/2004 11:38 AM |
| | |
|--------+---------------------------------->
>-----------------------------------------------------------------------------------------------------------|
| |
| To: squid-users@squid-cache.org |
| cc: |
| Subject: [squid-users] Squid 2.5STABLE5 and SNMP problem on Fedora Core 2 |
>-----------------------------------------------------------------------------------------------------------|
Hi list,
I have a problem I've been struggling with the past two days. I am running
Webalizer for my squid proxy but the other day I found on the ionternet
something related to MRTG and Squid with some sample graphs and I liked it
a lot; I knew I can't live anymore without MRTG. :) So I've tried to set it
up according to MRTG and Squid FAQs. Problem also was that I was already
running a Squid I didn't wanted to ruin (although it's a test machine) so
recompiled the Squid with --enable-snmp option. To make sure I am running
the new copy I have made a copy of the squid styartup script (redhat-alike)
and edited it, also set 000 as access on my 'old' squid binary and config
files. So I have the SNMP-enabled one as squid2.5 and he config as t
squid2.5.config.
Of course, SNMP won't work. I searched Google and found many many questions
but not a single useful answer for me.
Okay, my squid conf looks like:
acl snmppublic snmp_community public
snmp_port 3401
snmp_access allow snmppublic all
snmp_incoming_address 0.0.0.0
snmp_outgoing_address 255.255.255.255
This is something I got grepping the file for snmp and deleting the
commented rows so perhaps all relevant data is here.
A full log of the squid -k reconfigure gives:
Sep 2 11:26:35 thor squid[19621]: Reconfiguring Squid Cache (version
2.5.STABLE5)...
Sep 2 11:26:35 thor squid[19621]: SmartFilter: Disabling SmartFilter,
freeing resources
Sep 2 11:26:35 thor squid[19621]: SmartFilter: Canceling communications
thread
Sep 2 11:26:35 thor squid[19621]: SmartFilter: Waiting for communications
thread to exit
Sep 2 11:26:35 thor squid[19621]: SmartFilter: Communications thread
exited
Sep 2 11:26:35 thor (squid)[19621]: FD 21 Closing HTTP connection
Sep 2 11:26:35 thor (squid)[19621]: FD 23 Closing ICP connection
Sep 2 11:26:35 thor (squid)[19621]: FD 24 Closing SNMP socket
Sep 2 11:26:35 thor (squid)[19621]: Cache dir '/var/squid/cache' size
remains unchanged at 1048576 KB
Sep 2 11:26:35 thor squid[19621]: DNS Socket created at 0.0.0.0, port
32814, FD 8
Sep 2 11:26:35 thor squid[19621]: Adding nameserver x.x.x.a from
/etc/resolv.conf
Sep 2 11:26:35 thor squid[19621]: Adding nameserver x.x.x.b from
/etc/resolv.conf
Sep 2 11:26:35 thor squid[19621]: Adding nameserver x.x.x.c from
/etc/resolv.conf
Sep 2 11:26:35 thor squid[19621]: Smartfilter: Initializing SmartFilter
Sep 2 11:26:35 thor squid[19621]: SmartFilter: SmartFilter Plugin Library
Version 4.0.0.00
Sep 2 11:26:36 thor squid[19621]: SmartFilter: Trying to start plugin
thread
Sep 2 11:26:36 thor squid[19621]: SmartFilter: Created communication
thread
Sep 2 11:26:36 thor squid[19621]: SmartFilter: SmartFilter init:
SmartFilter initialized.
Sep 2 11:26:36 thor squid[19621]: Accepting HTTP connections at 0.0.0.0,
port 80, FD 22.
Sep 2 11:26:36 thor squid[19621]: Accepting ICP messages at 0.0.0.0, port
3130, FD 24.
Sep 2 11:26:36 thor squid[19621]: Accepting SNMP messages on port 3401, FD
25.
Sep 2 11:26:36 thor squid[19621]: WCCP Disabled.
Sep 2 11:26:36 thor squid[19621]: Configuring Parent y.y.y.y/80/7
Sep 2 11:26:36 thor squid[19621]: Loaded Icons.
Sep 2 11:26:36 thor squid[19621]: Ready to serve requests.
The things I changed are the x.x.x.x and y.y.y.y addresses only, those are
valid addresses and I can browse through my squid flawlessly also the
SmartFilter plugin (web filtering) works as it should.
Testing SNMP looks like:
[root@thor etc]# snmpwalk -v 1 -c public 127.0.0.1:3401
.1.3.6.1.4.1.3495.1.1
Timeout: No Response from 127.0.0.1:3401
[root@thor etc]#
/var/log/message shows:
Sep 2 11:29:30 thor squid[19621]: Failed SNMP agent query from :
127.0.0.1.
Sep 2 11:29:35 thor last message repeated 5 times
Sep 2 11:30:00 thor squid[19621]: Failed SNMP agent query from : a.b.c.d.
The last two lines come from mrtg trying to query SNMP also, a.b.c.d is the
same with localhost, it's the same machine. The first error comes from the
snmpwalk command.
Searching Google didn't give me any useful results, so either my problem is
somewhat pecial compared to other users, or it is so stupid that I'm the
only one having it (I don't know like anything about SNMP), so I'd
appreciate any imput regarding this.
Also, should the snmp daemon or anything be running? I have a feeling that
it hasn't much to do with this as perhaps Squid should reply. Anyway I have
snmpd on my machine (unconfigured, took a look into the config and it looks
pretty much encrypted to me).
Thanks.
Greetings,
Endre Szekely-Bencedi
GE GDC Security Leader
_____________________________________
TATA Consultancy Services - Hungary
Science Park B, 1st floor
Irinyi Jozsef utca 4-20 Budapest 1117
Tel: +36 1 886 TATA | +36 1 886 8022
Fax: +36 1 886 8001
Email: Endre.Szekely-Bencedi@hu-tcs.com
_____________________________________
"THIS E-MAIL MESSAGE ALONG WITH ANY ATTACHMENTS IS INTENDED ONLY FOR THE
ADDRESSEE and may contain confidential and privileged information. If the
reader of this message is not the intended recipient, you are notified that
any dissemination, distribution or copy of this communication is strictly
prohibited. If you have received this message by error, please notify us
immediately, return the original mail to the sender and delete the message
from your system."
"THIS E-MAIL MESSAGE ALONG WITH ANY ATTACHMENTS IS INTENDED ONLY FOR THE
ADDRESSEE and may contain confidential and privileged information. If the
reader of this message is not the intended recipient, you are notified that
any dissemination, distribution or copy of this communication is strictly
prohibited. If you have received this message by error, please notify us
immediately, return the original mail to the sender and delete the message
from your system."
"THIS E-MAIL MESSAGE ALONG WITH ANY ATTACHMENTS IS INTENDED ONLY FOR THE
ADDRESSEE and may contain confidential and privileged information. If the
reader of this message is not the intended recipient, you are notified that
any dissemination, distribution or copy of this communication is strictly
prohibited. If you have received this message by error, please notify us
immediately, return the original mail to the sender and delete the message
from your system."
Received on Tue Sep 07 2004 - 02:46:38 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:02 MDT