LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-16-2015, 04:41 AM   #1
Vishwas8722
LQ Newbie
 
Registered: Jan 2015
Posts: 8

Rep: Reputation: Disabled
Open 8880 port in Squid


Hi,
i am a newbie for linux , we have squid proxy .

Lan users need to access the website with 8880 . i have added it to safe_ports, still cannot access . error comes with

Connection refused (111)

anybody please help asap.
 
Old 01-16-2015, 07:00 AM   #2
veerain
Senior Member
 
Registered: Mar 2005
Location: Earth bound to Helios
Distribution: Custom
Posts: 2,524

Rep: Reputation: 319Reputation: 319Reputation: 319Reputation: 319
In squid config file what have you set http_port to?

Specify in /etc/squid.conf

Quote:
http_port 8880
 
1 members found this post helpful.
Old 01-16-2015, 09:32 PM   #3
Vishwas8722
LQ Newbie
 
Registered: Jan 2015
Posts: 8

Original Poster
Rep: Reputation: Disabled
proxy port is set to 3128,




squid config file as follows
------------------------------------------------------------------
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
#_____________________________________________
acl DOWNLOAD urlpath_regex -i "/etc/squid/denydownload.txt"
acl extension_blocked urlpath_regex -i "/etc/squid/blocked.acl"
acl extensiondeny url_regex -i "/etc/squid/extensiondeny"
acl game urlpath_regex -i .mp3 .mp4 .wmv .3gp .3gpp .flv
acl saboo_port port 8880
#_______________________________________________________
acl POST method POST
#______________________________________________
acl FULLACC src 192.168.1.101 192.168.4.202 192.168.4.200 192.168.4.227 192.168.4.224 192.168.1.29 192.168.1.11 192.168.1.109 192.168.1.131 192.168.4.228 192.168.1.121 192.168.4.225 192.168.4.226 192.168.1.105 192.168.1.115 192.168.4.188 192.168.4.167 192.168.1.117 192.168.1.133 192.168.4.204 192.168.4.132 192.168.4.40 192.168.4.184
#acl ITINFRA src 192.168.1.0 192.168.1.20 192.168.1.152 192.168.4.40 192.168.4.184
#___________________________________________________
acl BLOCKED dstdomain .orkut.com .gmail.com gmail.google.com .mail.com .yahoo.com sharkhan.com .nse-india.com .indiatimes.com .kproxy.com .meebo.com .ebuddy.com hotmail.com .sex.com .lingeria.com .wallpaper.com .yahoo.co.in .video.com video.google.com video.google.uk.co .vtunnel.com .ebuzz.com .games.com .kroxy.com .mail.google.com .rediffmail.com .rediff.com .youtube.com .hrmovie.com .zapak.com .zapakmail.com .bigadda.com .msn.com .mouthshut.com .top100gamesites.com .sharekhan.com .igoogle.com .esakal.com .zoominfo.com .expressindia.com .saptahiksakal.com .picasa.google.com .picasa.google.co.in .songs.pk .myboli.com .hidemyass.com .santabanta.com .pudhari.com .epaper.timesofindia.com .ask.com .facebook.com .koolim.com .maps.google.com .maps.google.co.in .news.google.com .news.google.co.in .power.com .iloveim.com .imhaha.com .wattpad.com .metacafe.com .twitter.com .livego.com .fashionandyou.com .reddit.com .differentproxy.info .123greetings.com .karoolark.com
#_____________________________________________________
acl WORD url_regex iglk picasa songs games music ringtones sex babes video wallpapers themes movie lesbian sexy onlinemusic mp3 mp4 tunes itunes jokes shayri shemale orkut crack screensaver gmail talkgadget.google.com talk.google.com talkx.l.google.com chatenabled.mail.google.com sms cellphones cricket porn kamsutra bollywood hollywood respi chating santabanta epaper nse-india chat nude proxy pron
acl WORD url_regex iglk picasa songs games music ringtones sex babes video wallpapers movie lesbian sexy onlinemusic mp3 mp4 tunes itunes jokes shayri shemale orkut crack screensaver gmail talkgadget.google.com talk.google.com talkx.l.google.com chatenabled.mail.google.com sms cellphones cricket porn kamsutra bollywood hollywood respi chating santabanta epaper nse-india chat nude proxy pron
#_______________________________________________________
acl IMAGES dstdomain .images.google.com .images.google.co.in
#__________________________________________________________
acl AWORD url_regex 203.199.171.30 192.168.1.10 wsdl http://cert.webservices.sabre.com http://tempweb956.nic.in/ http://iicdelhi.nic.in/ http://doj.gov.in/ http://westerncoal.gov.in/ http://employer.dice.com/ http://www.dae.nic.in/ http://dae.nic.in/ www.tin-nsdl.com
#_______________________________________________________________
acl blocked_ports port 5222 5223
#_______________________________________________________________

acl notacc url_regex "/etc/squid/blocked_sites.txt"

acl extension_blocked urlpath_regex -i "/etc/squid/blocked.acl"

acl extensiondeny url_regex -i "/etc/squid/extensiondeny"

acl game urlpath_regex -i .mp3 .mp4 .wmv .3gp .3gpp .flv .torrent


acl gmail dstdomain www.gmail.com

acl saboo_port port 8880

acl SSL_ports port 443 8880 8080 8443
acl Safe_ports port 80 8880 8080 8443 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 3389 # RDP
acl CONNECT method CONNECT

# TAG: http_access
# Allowing or Denying access based on defined access lists
#
# Access to the HTTP port:
# http_access allow|deny [!]aclname ...
#
# NOTE on default values:
#
# If there are no "access" lines present, the default is to deny
# the request.
#
# If none of the "access" lines cause a match, the default is the
# opposite of the last line in the list. If the last line was
# deny, the default is allow. Conversely, if the last line
# is allow, the default will be deny. For these reasons, it is a
# good idea to have an "deny all" or "allow all" entry at the end
# of your access lists to avoid potential confusion.
#
#Default:
#http_access deny all
#
#Recommended minimum configuration:
# Only allow cachemgr access from localhost
# Deny requests to unknown ports
#http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
#http_access deny CONNECT !SSL_ports
#
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

# Example rule allowing access from your local networks. Adapt
# to list your (internal) IP networks from where browsing should
# be allowed
#acl our_networks src 192.168.1.0/24 192.168.2.0/24
#http_access allow our_networks

# And finally deny all other access to this proxy

#_______________________________
#http_access deny blocked_ports
#http_access allow ITINFRA
#____________________________

# TAG: http_access2
# Allowing or Denying access based on defined access lists
#
# Identical to http_access, but runs after redirectors. If not set
# then only http_access is used.
#
#Default:
# none

# TAG: http_reply_access
# Allow replies to client requests. This is complementary to http_access.
#
# http_reply_access allow|deny [!] aclname ...
#
# NOTE: if there are no access lines present, the default is to allow
# all replies
#
# If none of the access lines cause a match the opposite of the
# last line will apply. Thus it is good practice to end the rules
# with an "allow all" or "deny all" entry.
#
#Default:
# http_reply_access allow all

# TAG: icp_access
# Allowing or Denying access to the ICP port based on defined
# access lists
#
# icp_access allow|deny [!]aclname ...
#
# See http_access for details
 
Old 01-16-2015, 10:31 PM   #4
veerain
Senior Member
 
Registered: Mar 2005
Location: Earth bound to Helios
Distribution: Custom
Posts: 2,524

Rep: Reputation: 319Reputation: 319Reputation: 319Reputation: 319
Then add a line like if not set:

http_port 8880
 
Old 01-18-2015, 09:40 PM   #5
Vishwas8722
LQ Newbie
 
Registered: Jan 2015
Posts: 8

Original Poster
Rep: Reputation: Disabled
My proxy port is 3128, i want to open a website with 8880

example.com:8880 .

and also i have stopped iptables service.
 
Old 01-18-2015, 09:44 PM   #6
Vishwas8722
LQ Newbie
 
Registered: Jan 2015
Posts: 8

Original Poster
Rep: Reputation: Disabled
added http_port 8880 , same error

find the attachment
Attached Thumbnails
Click image for larger version

Name:	error.jpg
Views:	12
Size:	73.5 KB
ID:	17381  
 
Old 01-18-2015, 09:55 PM   #7
linuxtech99
Member
 
Registered: Jan 2015
Posts: 35

Rep: Reputation: 4
Do you have ACL set for this? If not, try the solution provided in http://www.linuxforums.org/forum/net...allow-url.html
 
Old 01-18-2015, 10:13 PM   #8
Vishwas8722
LQ Newbie
 
Registered: Jan 2015
Posts: 8

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by linuxtech99 View Post
Do you have ACL set for this? If not, try the solution provided in http://www.linuxforums.org/forum/net...allow-url.html

i have ip address not the url .

you can find it in error attachment ,
109.236.80.134:8880
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
squid port jammed open Law1213 Linux - Software 4 02-14-2006 02:08 PM
open port in squid conf efm Linux - Newbie 4 10-25-2005 11:03 PM
How to open ports 25 and port 110 on proxy server SQUID? fdavid Linux - Newbie 1 03-16-2005 11:31 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:41 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration