Open 8880 port in Squid
Hi,
i am a newbie for linux , we have squid proxy . Lan users need to access the website with 8880 . i have added it to safe_ports, still cannot access . error comes with Connection refused (111) anybody please help asap. |
In squid config file what have you set http_port to?
Specify in /etc/squid.conf Quote:
|
proxy port is set to 3128,
squid config file as follows ------------------------------------------------------------------ #Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 #_____________________________________________ acl DOWNLOAD urlpath_regex -i "/etc/squid/denydownload.txt" acl extension_blocked urlpath_regex -i "/etc/squid/blocked.acl" acl extensiondeny url_regex -i "/etc/squid/extensiondeny" acl game urlpath_regex -i .mp3 .mp4 .wmv .3gp .3gpp .flv acl saboo_port port 8880 #_______________________________________________________ acl POST method POST #______________________________________________ acl FULLACC src 192.168.1.101 192.168.4.202 192.168.4.200 192.168.4.227 192.168.4.224 192.168.1.29 192.168.1.11 192.168.1.109 192.168.1.131 192.168.4.228 192.168.1.121 192.168.4.225 192.168.4.226 192.168.1.105 192.168.1.115 192.168.4.188 192.168.4.167 192.168.1.117 192.168.1.133 192.168.4.204 192.168.4.132 192.168.4.40 192.168.4.184 #acl ITINFRA src 192.168.1.0 192.168.1.20 192.168.1.152 192.168.4.40 192.168.4.184 #___________________________________________________ acl BLOCKED dstdomain .orkut.com .gmail.com gmail.google.com .mail.com .yahoo.com sharkhan.com .nse-india.com .indiatimes.com .kproxy.com .meebo.com .ebuddy.com hotmail.com .sex.com .lingeria.com .wallpaper.com .yahoo.co.in .video.com video.google.com video.google.uk.co .vtunnel.com .ebuzz.com .games.com .kroxy.com .mail.google.com .rediffmail.com .rediff.com .youtube.com .hrmovie.com .zapak.com .zapakmail.com .bigadda.com .msn.com .mouthshut.com .top100gamesites.com .sharekhan.com .igoogle.com .esakal.com .zoominfo.com .expressindia.com .saptahiksakal.com .picasa.google.com .picasa.google.co.in .songs.pk .myboli.com .hidemyass.com .santabanta.com .pudhari.com .epaper.timesofindia.com .ask.com .facebook.com .koolim.com .maps.google.com .maps.google.co.in .news.google.com .news.google.co.in .power.com .iloveim.com .imhaha.com .wattpad.com .metacafe.com .twitter.com .livego.com .fashionandyou.com .reddit.com .differentproxy.info .123greetings.com .karoolark.com #_____________________________________________________ acl WORD url_regex iglk picasa songs games music ringtones sex babes video wallpapers themes movie lesbian sexy onlinemusic mp3 mp4 tunes itunes jokes shayri shemale orkut crack screensaver gmail talkgadget.google.com talk.google.com talkx.l.google.com chatenabled.mail.google.com sms cellphones cricket porn kamsutra bollywood hollywood respi chating santabanta epaper nse-india chat nude proxy pron acl WORD url_regex iglk picasa songs games music ringtones sex babes video wallpapers movie lesbian sexy onlinemusic mp3 mp4 tunes itunes jokes shayri shemale orkut crack screensaver gmail talkgadget.google.com talk.google.com talkx.l.google.com chatenabled.mail.google.com sms cellphones cricket porn kamsutra bollywood hollywood respi chating santabanta epaper nse-india chat nude proxy pron #_______________________________________________________ acl IMAGES dstdomain .images.google.com .images.google.co.in #__________________________________________________________ acl AWORD url_regex 203.199.171.30 192.168.1.10 wsdl http://cert.webservices.sabre.com http://tempweb956.nic.in/ http://iicdelhi.nic.in/ http://doj.gov.in/ http://westerncoal.gov.in/ http://employer.dice.com/ http://www.dae.nic.in/ http://dae.nic.in/ www.tin-nsdl.com #_______________________________________________________________ acl blocked_ports port 5222 5223 #_______________________________________________________________ acl notacc url_regex "/etc/squid/blocked_sites.txt" acl extension_blocked urlpath_regex -i "/etc/squid/blocked.acl" acl extensiondeny url_regex -i "/etc/squid/extensiondeny" acl game urlpath_regex -i .mp3 .mp4 .wmv .3gp .3gpp .flv .torrent acl gmail dstdomain www.gmail.com acl saboo_port port 8880 acl SSL_ports port 443 8880 8080 8443 acl Safe_ports port 80 8880 8080 8443 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 3389 # RDP acl CONNECT method CONNECT # TAG: http_access # Allowing or Denying access based on defined access lists # # Access to the HTTP port: # http_access allow|deny [!]aclname ... # # NOTE on default values: # # If there are no "access" lines present, the default is to deny # the request. # # If none of the "access" lines cause a match, the default is the # opposite of the last line in the list. If the last line was # deny, the default is allow. Conversely, if the last line # is allow, the default will be deny. For these reasons, it is a # good idea to have an "deny all" or "allow all" entry at the end # of your access lists to avoid potential confusion. # #Default: #http_access deny all # #Recommended minimum configuration: # Only allow cachemgr access from localhost # Deny requests to unknown ports #http_access deny !Safe_ports # Deny CONNECT to other than SSL ports #http_access deny CONNECT !SSL_ports # # We strongly recommend the following be uncommented to protect innocent # web applications running on the proxy server who think the only # one who can access services on "localhost" is a local user #http_access deny to_localhost # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # Example rule allowing access from your local networks. Adapt # to list your (internal) IP networks from where browsing should # be allowed #acl our_networks src 192.168.1.0/24 192.168.2.0/24 #http_access allow our_networks # And finally deny all other access to this proxy #_______________________________ #http_access deny blocked_ports #http_access allow ITINFRA #____________________________ # TAG: http_access2 # Allowing or Denying access based on defined access lists # # Identical to http_access, but runs after redirectors. If not set # then only http_access is used. # #Default: # none # TAG: http_reply_access # Allow replies to client requests. This is complementary to http_access. # # http_reply_access allow|deny [!] aclname ... # # NOTE: if there are no access lines present, the default is to allow # all replies # # If none of the access lines cause a match the opposite of the # last line will apply. Thus it is good practice to end the rules # with an "allow all" or "deny all" entry. # #Default: # http_reply_access allow all # TAG: icp_access # Allowing or Denying access to the ICP port based on defined # access lists # # icp_access allow|deny [!]aclname ... # # See http_access for details |
Then add a line like if not set:
http_port 8880 |
My proxy port is 3128, i want to open a website with 8880
example.com:8880 . and also i have stopped iptables service. |
1 Attachment(s)
added http_port 8880 , same error
find the attachment |
Do you have ACL set for this? If not, try the solution provided in http://www.linuxforums.org/forum/net...allow-url.html
|
Quote:
i have ip address not the url . you can find it in error attachment , 109.236.80.134:8880 |
All times are GMT -5. The time now is 10:24 AM. |