LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 02-27-2007, 11:44 PM   #1
boyfren
LQ Newbie
 
Registered: Jan 2007
Posts: 13

Rep: Reputation: 0
Angry Squid Concern


Hi all,

I setup my squid to temporarily allow the default Safe_ports and SSL_ports thinking it might help to allow connections from a yahoo messenger request. On the other hand, NAT is disable in my box. Can anyone please lead me to the righ configuration.

Below is the access logs.
1172637850.724 4067 192.168.250.254 TCP_MISS/200 576 POST http://shttp.msg.yahoo.com/notify/ - DIRECT/216.155.194.239 text/plain
1172637852.241 1190 192.168.250.254 TCP_MISS/200 461 POST http://shttp.msg.yahoo.com/notify/ - DIRECT/216.155.194.239 text/plain
1172637855.330 3087 192.168.250.254 TCP_MISS/200 461 POST http://shttp.msg.yahoo.com/notify/ - DIRECT/216.155.194.239 text/plain
1172637856.210 879 192.168.250.254 TCP_MISS/200 461 POST http://shttp.msg.yahoo.com/notify/ - DIRECT/216.155.194.239 text/plain

And basic squid.conf coniguration im referreing to:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl mynetwork src 192.168.250.0/24
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access allow mynetwork
http_access allow manager localhost
http_access deny manager
http_access allow !Safe_ports ####### i have allowed this
http_access allow CONNECT !SSL_ports ### i have allowed this

Making the story short, I wanted my yahoo messenger to connect via proxy without the use of NAT or masquerading.
192.168.250.1 is my internal connection.. thanks everyone!!!

Last edited by boyfren; 02-28-2007 at 12:01 AM.
 
Old 02-27-2007, 11:54 PM   #2
Peter_APIIT
Member
 
Registered: Dec 2006
Posts: 551

Rep: Reputation: 30
Question Squid concern

I also plan to set up squid but my browser complaint that unknown proxy host.

I using Mandriva Linux 2007 as my proxy server. I have set the the proxy server at mcc and the knoqueror but why the browser still can't find the proxy host. I also change the host name to the one i want.

Moreover, i also start the squid server at boot time. Besides that, when i set the proxy server at konqueror browser using automatic detect proxy configuration script. It complaint that no usable proxy configuration script.

I hope this all information will help you guide me to successful set up the proxy server.

A billion thanks to your help.

Thanks for your help.

Your help is greatly appreciated by me and others.


I am totally a newbie to linux and stupid as well.
 
Old 02-28-2007, 12:04 AM   #3
boyfren
LQ Newbie
 
Registered: Jan 2007
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Peter_APIIT
I also plan to set up squid but my browser complaint that unknown proxy host.

I using Mandriva Linux 2007 as my proxy server. I have set the the proxy server at mcc and the knoqueror but why the browser still can't find the proxy host. I also change the host name to the one i want.

Moreover, i also start the squid server at boot time. Besides that, when i set the proxy server at konqueror browser using automatic detect proxy configuration script. It complaint that no usable proxy configuration script.

I hope this all information will help you guide me to successful set up the proxy server.

A billion thanks to your help.

Thanks for your help.

Your help is greatly appreciated by me and others.


I am totally a newbie to linux and stupid as well.
I got my Mandriva 2007 running good as proxy using squid. You probably must have missed some important reconfiguration in your squid.conf. You must allow your network or the IP requesting for proxy. check you ACLs and you http_access configuration. Do not use automatic proxy detection. Manually configure your proxy settings in your browser using this format: xx.xx.xx.xx:3128. xx.xx.xx.xx is your proxy server ip and 3128 is the default http port. hope this helps

Last edited by boyfren; 02-28-2007 at 12:08 AM.
 
Old 03-04-2007, 03:38 AM   #4
Peter_APIIT
Member
 
Registered: Dec 2006
Posts: 551

Rep: Reputation: 30
Below is /etc/sysconfig/network configuration file.

NETWORKING=yes
GATEWAY=192.168.1.1
HOSTNAME=nicholas_tse.nicholas_tse_proxy_server nichola
s_tse

and /etc/hosts configuration files.

127.0.0.1 nicholas_tse.nicholas_tse_proxy_server
nicholas_tse
.

I think i had not configured the /etc/squid/squid.conf for the acl and http_access configuration.

I hope this two files might help guide me to configure the /etc/squid/squid.conf.

I am a stupid guy. Sorry for my stupidness.
I also googling the squid.conf but i don't understand what they illustrate.

Linux is the best OS in the world.

Your help is greatly appreciated by me and others.
 
Old 03-06-2007, 10:37 PM   #5
boyfren
LQ Newbie
 
Registered: Jan 2007
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Peter_APIIT
Below is /etc/sysconfig/network configuration file.

NETWORKING=yes
GATEWAY=192.168.1.1
HOSTNAME=nicholas_tse.nicholas_tse_proxy_server nichola
s_tse

and /etc/hosts configuration files.

127.0.0.1 nicholas_tse.nicholas_tse_proxy_server
nicholas_tse
.

I think i had not configured the /etc/squid/squid.conf for the acl and http_access configuration.

I hope this two files might help guide me to configure the /etc/squid/squid.conf.

I am a stupid guy. Sorry for my stupidness.
I also googling the squid.conf but i don't understand what they illustrate.

Linux is the best OS in the world.

Your help is greatly appreciated by me and others.
add these lines to your squid.con:
acl yournetwork 192.168.1.0/255.255.255.0
http_access allow yournetwork

on the client accessing the proxy, point your browser to:
192.168.1.1 on port 3128

this shud work...
 
  


Reply

Tags
squid


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
raid concern micro_xii Linux - Newbie 1 01-04-2007 01:26 AM
Possible Security Concern? keysorsoze Linux - Security 2 12-15-2006 02:36 PM
Serious Hard drive Concern askjeffro Mandriva 4 06-19-2004 08:04 PM
chkrootkit concern computergeek84 Linux - Security 14 01-28-2004 09:02 PM
Security concern linuxRules Linux - General 3 05-22-2002 02:23 PM


All times are GMT -5. The time now is 12:35 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration