nixCraft

Squid is easy to setup, it just take 5 mins. It seems you are new and got confused with tons of shit out there...anyway

I hope 192.168.7.151 (your Linux server IP) is static IP address. What is the ip address of Windows XP?

Basic troubleshooting
Can you ping from windows xp to linux box? Goto start > run > type command :
Can you telnet from windows xp to linux squid port 3128? Goto start > run > type command:
Type . (dot) and hit enter key see what response you get. Lemee know output of above commands and then we can try to solve it

Went to work came back and it was going again. Got onto kanotix forum and changed kernel to the one most suited to my setup. I haven't done a reboot so far after dist-update, but things seem to be going ok. I have been usin Win since late80's, but I have been only working with Linux for about a month. My learning stategy. Is to diving in the deep end unable to swimm, then learn how to swim after hitting bottom. It is amazing the amout of stuff you pick up that way, but it does tend to lead to alot of computer down time. Fortunately this is a hobby not work. To answer you, the XP box is 192.168.7.150 and the router internal IP is 192.168.7.1. A question I have is the lan IP is only excepted if it is 0, is that like a * when you do searches for files? The Linux box sees XP bo fine. Will work with XP tomorrow. I am still very pleased that provided you asked the right question in the right place there is accurate easy to follow advice. M$ I learnt more on my own then I ever got from forums. Many thanks

pinged the IP from XP box works fine. Telnet the port and it didn't work. Believe I have setup the IPTables at this point. Do I use one or both of:
# iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner squid -j ACCEPT
# iptables -t nat -A OUTPUT -p tcp --dport 3128 -m owner --uid-owner squid -j ACCEPT ?
I would like to set it up so that it only goes through squid. The end plans are to set up Dansguardian. By the way setting up things are very easy and simple if you do it right the first time. The fun part is correcting things when you run into a ditch.

Well stop the firewall as pointed out by monk and telnet to port 3128 from Windows xp and let us know what error or output your are getting?

Also what is output of following command on Linux box:
Above two command will tell us where is problem … in network or in squid itself

Ran netstat -vat | grep 3128 and it just went to the next # line. I thought at first that ment everything was fine, then again it might have ment n/a.

Reran netstat -vat | grep 3128 (just went to the next # after a short pause) and telnet 192.168.7.151 3128 (connection failed) after running /root/firewall.stop I ran grep -v "#" /etc/squid/squid.conf | sed -e '/^$/d' again just so that we can double check that I didn't do something stupid (quite normal for me) and got this
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
maximum_object_size 32768 KB
maximum_object_size_in_memory 8 KB
cache_dir ufs /var/spool/squid 1400 16 256
refresh_pattern Release$ 0 41% 720
refresh_pattern Packages\.gz$ 0 41% 720
refresh_pattern Sources\.gz$ 0 41% 720
refresh_pattern \.orig.tar.gz$ 525600 0% 525600 override-lastmod ignore-reload
refresh_pattern \.diff.gz$ 525600 0% 525600 override-lastmod ignore-reload
refresh_pattern \.deb$ 525600 0% 525600 override-lastmod ignore-reload
refresh_pattern \.dsc$ 525600 0% 525600 override-lastmod ignore-reload
refresh_pattern ^ftp: 0 50% 43200
refresh_pattern ^gopher: 0 50% 720
refresh_pattern \.shtml$ 0 10% 720
refresh_pattern \.html$ 0 50% 720
refresh_pattern \.htm$ 0 50% 720
refresh_pattern \.php.$ 0 10% 720
refresh_pattern \.img$ 0 50% 720
refresh_pattern \.jpeg$ 0 50% 720
refresh_pattern \.jpg$ 0 50% 720
refresh_pattern . 0 20% 720
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl lan src 192.168.7.0/255.255.255.0
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 901
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow lan
http_access deny all
icp_access allow all
cache_mgr admin
cache_effective_user squid
cache_effective_group squid
visible_hostname (host name)

If you are not getting any output … it means your squid server is not running. When you type command
It should say following without any sort of error:
Starting Squid HTTP proxy: squid.

Then it will open a port 3128. Here is output from my server:
tcp 0 0 *:3128 *:* LISTEN

It seems that your squid configuration file has some bug somewhere. Here is my fresh copy, just rename your old copy and put my copy:
Only replace SET-HOSTNAME with your linux servername which can be find with hostname command:
Your configuration is giving me error, so try ouy my config. Only change hostname. Restart squid and run netstat command and see what output you get

As you can see did a major cleanup.
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
hosts_file /etc/hosts
refresh_pattern ^ftp: 0 50% 43200
refresh_pattern ^gopher: 0 50% 720
refresh_pattern . 0 20% 720
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl purge method PURGE
acl CONNECT method CONNECT
acl SSL_ports port 443 563
acl Safe_ports port 80
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl lan src 192.168.7.0/255.255.255.0
http_access allow localhost
http_access allow lan
http_access deny all
http_reply_access allow all
icp_access allow all
cache_effective_user squid
cache_effective_group squid
visible_hostname (hostname as listed)
coredump_dir /var/spool/squid

Restarting squid gave me Starting Squid HTTP proxy: squid. netstat -vat | grep 3128 still hasn't given me any response. I have stopped iptables firewall. Therefore that means I have either a) another firewall stopping it (I have no idea how linux works these things so that might be out of the question because I have already stopped iptables) or b) In my browsing around trying to fix this I seem to remember someone posting that if your kernel didn't have a certain feature set right, it would block what squid was doing. But because I saw dozens of sites I cann't remember what it was and of course it didn't say how you were supposed to find out, so I ignored it. By the way my kernel is kanotix 2.6.17-rc6-slh-up-1.