Hi Everyone ,
I need to open 8880 port to access a website
http://109.236.80.135:8880/ , whenever it passes through squid proxy , it says connection refused (111).
i have added the port number in acl (Safe_ports)
Please help , where are the changes to be done
squid config file as follows
------------------------------------------------------------------
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
#_____________________________________________
acl DOWNLOAD urlpath_regex -i "/etc/squid/denydownload.txt"
acl extension_blocked urlpath_regex -i "/etc/squid/blocked.acl"
acl extensiondeny url_regex -i "/etc/squid/extensiondeny"
acl game urlpath_regex -i .mp3 .mp4 .wmv .3gp .3gpp .flv
acl saboo_port port 8880
#_______________________________________________________
acl POST method POST
#______________________________________________
acl FULLACC src 192.168.1.101 192.168.4.202 192.168.4.200 192.168.4.227 192.168.4.224 192.168.1.29 192.168.1.11 192.168.1.109 192.168.1.131 192.168.4.228 192.168.1.121 192.168.4.225 192.168.4.226 192.168.1.105 192.168.1.115 192.168.4.188 192.168.4.167 192.168.1.117 192.168.1.133 192.168.4.204 192.168.4.132 192.168.4.40 192.168.4.184
#acl ITINFRA src 192.168.1.0 192.168.1.20 192.168.1.152 192.168.4.40 192.168.4.184
#___________________________________________________
acl BLOCKED dstdomain .orkut.com .gmail.com gmail.google.com .mail.com .yahoo.com sharkhan.com .nse-india.com .indiatimes.com .kproxy.com .meebo.com .ebuddy.com hotmail.com .sex.com .lingeria.com .wallpaper.com .yahoo.co.in .video.com video.google.com video.google.uk.co .vtunnel.com .ebuzz.com .games.com .kroxy.com .mail.google.com .rediffmail.com .rediff.com .youtube.com .hrmovie.com .zapak.com .zapakmail.com .bigadda.com .msn.com .mouthshut.com .top100gamesites.com .sharekhan.com .igoogle.com .esakal.com .zoominfo.com .expressindia.com .saptahiksakal.com .picasa.google.com .picasa.google.co.in .songs.pk .myboli.com .hidemyass.com .santabanta.com .pudhari.com .epaper.timesofindia.com .ask.com .facebook.com .koolim.com .maps.google.com .maps.google.co.in .news.google.com .news.google.co.in .power.com .iloveim.com .imhaha.com .wattpad.com .metacafe.com .twitter.com .livego.com .fashionandyou.com .reddit.com .differentproxy.info .123greetings.com .karoolark.com
#_____________________________________________________
acl WORD url_regex iglk picasa songs games music ringtones sex babes video wallpapers themes movie lesbian sexy onlinemusic mp3 mp4 tunes itunes jokes shayri shemale orkut crack screensaver gmail talkgadget.google.com talk.google.com talkx.l.google.com chatenabled.mail.google.com sms cellphones cricket porn kamsutra bollywood hollywood respi chating santabanta epaper nse-india chat nude proxy pron
acl WORD url_regex iglk picasa songs games music ringtones sex babes video wallpapers movie lesbian sexy onlinemusic mp3 mp4 tunes itunes jokes shayri shemale orkut crack screensaver gmail talkgadget.google.com talk.google.com talkx.l.google.com chatenabled.mail.google.com sms cellphones cricket porn kamsutra bollywood hollywood respi chating santabanta epaper nse-india chat nude proxy pron
#_______________________________________________________
acl IMAGES dstdomain .images.google.com .images.google.co.in
#__________________________________________________________
acl AWORD url_regex 203.199.171.30 192.168.1.10 wsdl
http://cert.webservices.sabre.com http://tempweb956.nic.in/ http://iicdelhi.nic.in/ http://doj.gov.in/ http://westerncoal.gov.in/ http://employer.dice.com/ http://www.dae.nic.in/ http://dae.nic.in/ www.tin-nsdl.com
#_______________________________________________________________
acl blocked_ports port 5222 5223
#_______________________________________________________________
acl notacc url_regex "/etc/squid/blocked_sites.txt"
acl extension_blocked urlpath_regex -i "/etc/squid/blocked.acl"
acl extensiondeny url_regex -i "/etc/squid/extensiondeny"
acl game urlpath_regex -i .mp3 .mp4 .wmv .3gp .3gpp .flv .torrent
acl gmail dstdomain
www.gmail.com
acl saboo_port port 8880
acl SSL_ports port 443 8880 8080 8443
acl Safe_ports port 80 8880 8080 8443 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 3389 # RDP
acl CONNECT method CONNECT
# TAG: http_access
# Allowing or Denying access based on defined access lists
#
# Access to the HTTP port:
# http_access allow|deny [!]aclname ...
#
# NOTE on default values:
#
# If there are no "access" lines present, the default is to deny
# the request.
#
# If none of the "access" lines cause a match, the default is the
# opposite of the last line in the list. If the last line was
# deny, the default is allow. Conversely, if the last line
# is allow, the default will be deny. For these reasons, it is a
# good idea to have an "deny all" or "allow all" entry at the end
# of your access lists to avoid potential confusion.
#
#Default:
#http_access deny all
#
#Recommended minimum configuration:
# Only allow cachemgr access from localhost
# Deny requests to unknown ports
#http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
#http_access deny CONNECT !SSL_ports
#
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
# Example rule allowing access from your local networks. Adapt
# to list your (internal) IP networks from where browsing should
# be allowed
#acl our_networks src 192.168.1.0/24 192.168.2.0/24
#http_access allow our_networks
# And finally deny all other access to this proxy
#_______________________________
#http_access deny blocked_ports
#http_access allow ITINFRA
#____________________________
# TAG: http_access2
# Allowing or Denying access based on defined access lists
#
# Identical to http_access, but runs after redirectors. If not set
# then only http_access is used.
#
#Default:
# none
# TAG: http_reply_access
# Allow replies to client requests. This is complementary to http_access.
#
# http_reply_access allow|deny [!] aclname ...
#
# NOTE: if there are no access lines present, the default is to allow
# all replies
#
# If none of the access lines cause a match the opposite of the
# last line will apply. Thus it is good practice to end the rules
# with an "allow all" or "deny all" entry.
#
#Default:
# http_reply_access allow all
# TAG: icp_access
# Allowing or Denying access to the ICP port based on defined
# access lists
#
# icp_access allow|deny [!]aclname ...
#
# See http_access for details