OpenWRT and Squid on LinksysWRT3200 [Help Needed]

Okay before I get into anything I just want to say to bear with me.
I am definitely a noob at this and hardly know what I'm doing. My base Linux knowledge is only for OS based stuff like drivers, packages, compiling things, etc. I'm turning to the forum because I now am having more issues than I've started with, and need help going in the right direction, and cause well I have frankly been bothering Qain a lot with basic questions (some of which I really just needed to read up on) and I don't want to bother him anymore until I have a more serious issue, lol.

The goal here is a Windows update cache. I need it to combat the bandwidth/data usage (thanks to the new Comcast data caps) and pull and store Windows updates on the external 1TB drive. To be frank, I'm hardly sure this portion is working correctly either.

This is a bit different because I am not using a setup like Ubuntu Server or Windows, so the guides I have found thus far are somewhat related, but not entirely. Again forgive me, my base knowledge here is lacking, I'm used to having a 'helping hand' in the form of some guide/videos, or related documentation. The concepts on this router are fairly new (it seems).

I've been reading this: http://www.deckle.co.uk/squid-users-guide/index.html
and the squid setup guide here:
http://wiki.squid-cache.org/SquidFaq/WindowsUpdate

Which has a good basic overview, but I have a feeling there is something I'm missing. I'd love an answer, or at least pointing in the right direction as I've started to feel a bit helpless in getting this project done. I have a lot of clients so this is a must do.
The new issue is, well, after making changes to the squid.conf and resolv.conf my Wifi no longer works, but clients can connect. I have a feeling it's obviously a change I made, but I don't even know where to begin.

Squid.conf:
acl localnet src 10.0.0.0/8
acl localnet src 172.16.0.0/12
acl localnet src 192.168.0.0/16
acl localnet src fc00::/7
acl localnet src fe80::/10

acl ssl_ports port 443

acl safe_ports port 80
acl safe_ports port 21
acl safe_ports port 443
acl safe_ports port 70
acl safe_ports port 210
acl safe_ports port 1025-65535
acl safe_ports port 280
acl safe_ports port 488
acl safe_ports port 591
acl safe_ports port 777
acl connect method connect
acl windowsupdate dstdomain windowsupdate.microsoft.com
acl windowsupdate dstdomain .update.microsoft.com
acl windowsupdate dstdomain download.windowsupdate.com
acl windowsupdate dstdomain redir.metaservices.microsoft.com
acl windowsupdate dstdomain images.metaservices.microsoft.com
acl windowsupdate dstdomain c.microsoft.com
acl windowsupdate dstdomain www.download.windowsupdate.com
acl windowsupdate dstdomain wustat.windows.com
acl windowsupdate dstdomain crl.microsoft.com
acl windowsupdate dstdomain sls.microsoft.com
acl windowsupdate dstdomain productactivation.one.microsoft.com
acl windowsupdate dstdomain ntservicepack.microsoft.com

acl CONNECT method CONNECT
acl wuCONNECT dstdomain www.update.microsoft.com
acl wuCONNECT dstdomain sls.microsoft.com
acl localnet src 192.168.1.0/255.255.255.0

http_access allow localnet
icp_access allow localnet

dns_nameservers 198.168.1.1
http_access allow CONNECT wuCONNECT localnet
http_access allow windowsupdate localnet
http_access deny !safe_ports
http_access deny connect !ssl_ports

http_access allow localhost manager
http_access deny manager

http_access deny to_localhost

http_access allow localnet
http_access allow localhost

http_access deny all

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
refresh_pattern -i microsoft.com/.*.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 262800 reload-into-ims

refresh_pattern -i windowsupdate.com/.*.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 262800 reload-into-ims

refresh_pattern -i windows.com/.*.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 262800 reload-into-ims

range_offset_limit 10000 MB windowsupdate
maximum_object_size 10000 MB
quick_abort_min -1
access_log /dev/null
cache_log /dev/null
cache_store_log /dev/null
logfile_rotate 0

logfile_daemon /dev/null
error_directory /opt/usr/share/squid/errors/templates/
icon_directory /opt/usr/share/squid/icons
cache_dir ufs /dev/sda2/cache/squid 900000 16 256

& resolv.conf

So anyone that can help, or point me in the right direction would be greatly appreciated. I'm starting to find myself more keenly aware of the need to maybe go and get my Linux cert for this kind of thing.
@Superfish1000 @wendell
EDIT:
At this point, I'm wondering if this is a good solution over Windows Server 2012 w/WSUS. If I do group policy edits, I have to change/change them back, which seems rather bothersome for just Windows updates. I have a lot of clients lately so I feel like this would be a lot of extra time unless I could powershell/automate the entire process.
Input here would be greatly appreciated as well.

2 Likes
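Added example, not part of the original post and not Squid's own tooling: a small Python audit of squid.conf directives like the ones posted above. It relies on Squid evaluating `http_access` and `refresh_pattern` in order and using the first match; the resolver check against the `localnet` ranges is a heuristic assumption, and `SAMPLE` is a constructed excerpt adapted from the posted config.

```python
import ipaddress

# Constructed sample: directives adapted from the squid.conf posted above.
SAMPLE = """\
acl localnet src 192.168.0.0/16
http_access allow localnet
dns_nameservers 198.168.1.1
http_access deny !safe_ports
http_access deny all
refresh_pattern . 0 20% 4320
refresh_pattern -i windowsupdate.com/.*.(cab|exe) 4320 80% 262800 reload-into-ims
access_log /dev/null
cache_dir ufs /dev/sda2/cache/squid 900000 16 256
"""

def audit(conf):
    """Return a sorted list of (line_number, finding) for a squid.conf string."""
    out, nets, resolvers = [], [], []
    allow_acl = catch_all = None
    for no, line in enumerate(conf.splitlines(), 1):
        tok = line.split()
        if not tok or tok[0].startswith("#"):
            continue
        key, args = tok[0], tok[1:]
        if key == "acl" and args[:2] == ["localnet", "src"]:
            nets += [ipaddress.ip_network(a, strict=False) for a in args[2:]]
        elif key == "dns_nameservers":
            resolvers += [(no, ipaddress.ip_address(a)) for a in args]
        elif key == "http_access":
            # First match wins: a broad single-ACL allow shadows later denies.
            if allow_acl and args[0] == "deny" and args[1:] != ["all"]:
                out.append((no, f"deny never applies to '{allow_acl}' clients (allowed earlier)"))
            elif not allow_acl and args[0] == "allow" and len(args) == 2:
                allow_acl = args[1]
        elif key == "refresh_pattern":  # also first-match
            if catch_all:
                out.append((no, f"unreachable: catch-all '.' on line {catch_all} matches first"))
            elif "." in args[:2]:
                catch_all = no
        elif key in ("access_log", "cache_log") and args[0] == "/dev/null":
            out.append((no, f"{key} is discarded, leaving no record to troubleshoot or audit"))
        elif key == "cache_dir" and args[1].startswith("/dev/"):
            out.append((no, "cache_dir is under a device node, not a mounted directory"))
    for no, ip in resolvers:  # heuristic: a LAN router resolver should sit in localnet
        if not any(ip in n for n in nets):
            out.append((no, f"resolver {ip} is outside every localnet range"))
    return sorted(out)

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

A resolver outside `localnet` is only a prompt to check the address, since a public DNS server would be flagged the same way.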

Wifi is working as expected. This sounds more like a routing issue. Can you ping other clients on the network while connected to wifi? Can you ping websites? "It doesn't work" is not a good description.

Figured it out from discord, was confused about the connection settings on the router via open WRT (again I'm a noob here) and apparently needed the connection bridged to LAN (lol). For some reason though, when squid is on it just gives anyone connected to wifi a DNS error, as in, clients can connect but don't get internet.

But yes, was totally a routing issue lol