Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I can not access any thing that is in format of serverort !!!!
I can not use ssh , mail , webmin , http://serverort .....
also disable iptables : no good
here is my conf :
Code:
http_port 3128
visible_hostname some.secure.domain
cache_effective_user squid squid
acl all src 0.0.0.0/0.0.0.0
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param negotiate children 5 startup=0 idle=1
auth_param basic realm My Proxy Server
auth_param basic credentialsttl 2 hour
auth_param basic casesensitive on
acl users proxy_auth REQUIRED
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
http_access deny !users
http_access allow users
http_access deny !Safe_ports
forwarded_for transparent
header_access Allow allow all
header_access Authorization allow all
header_access Cache-Control allow all
header_access Content-Encoding allow all
header_access Content-Length allow all
header_access Content-Type allow all
header_access Date allow all
header_access Expires allow all
header_access Host allow all
header_access If-Modified-Since allow all
header_access Last-Modified allow all
header_access Location allow all
header_access Pragma allow all
header_access Accept allow all
header_access Accept-Enncoding allow all
header_access Accept-Language allow all
header_access Content-Language allow all
header_access Mime-Version allow all
header_access Cookie allow all
header_access Set_Cookie allow all
header_access Retry-After allow all
header_access Title allow all
header_access Connection allow all
header_access Proxy-Connection allow all
header_access All deny all
header_replace User-Agent anonymous
squid is an http / ftp proxy, not ssh, not smtp, not imap. for anything non web related, you need to bypass squid.
if you want to access a web service on a different port, then you need to add that port number into the Safe_ports acl as with those other common ports listed.
if you want to access a web service on a different port, then you need to add that port number into the Safe_ports acl as with those other common ports listed.
as you can see I just opened port 1024-65535 and my webmin port 10000 so it should be open !
but i get this in log when i try to access webmin :
Quote:
1339589478.540 5 xxx.xxx.xxx.xxx TCP_MISS/503 0 CONNECT yyy.yyy.yyy.yyy:10000 user DIRECT/- -
Sorry, missed that line. So then squid is working fine. it's nothing to do with squid. That's a CONNECT command, so you're doing this on HTTPS? Can you reach that destination from the squid box with a curl or telnet?
I just installed ss5 on same server as squid on another port and I access all those that I can not access when squid is added to my local proxy machine .
so it seems the problem is some where in my squid settings .
when machine is under squids proxy no !
I can not access any server: port when I set to squid proxy
it gives me error :
1339590732.476 5 188.158.28.12 TCP_MISS/503 0 CONNECT myserver.com:10000 user DIRECT/- -
but with default port 80 it shows :
1339590732.476 5 188.158.28.12 TCP_MISS/200 CONNECT myserver.com:80 user DIRECT/ myserver.com -
and it opens the page !
Can you actually read what I said instead of repeating the same thing?
I told you that when the internet of my local machine is set under my squid proxy server : no I can not telnet ! but when I disable the proxy yes I can telnet !
Quote:
06.13 16:51:37] putty.exe - myserver:10000 open directly
[06.13 16:51:38] putty.exe - myserver:10000 close, 21 bytes sent, 16 bytes received, lifetime 00:01
[06.13 16:53:09] putty.exe - myserver:10000 close error : Could not connect through proxy 176.227.201.59:3128 - Proxy server cannot establish a connection with the target, status code 503
access.log :
Quote:
1339593992.971 5 188.158.28.99 TCP_MISS/503 0 CONNECT myserver:10000 user DIRECT/- -
I can not even reach webmin of squid box when I'm under its own squid !!!
and yes I tried lynx and I can reach every destination with non-standard ports !
from squidbox :
Quote:
# curl -k https://someserver:10000
<!doctype html public "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<link rel='stylesheet' type='text/css' href='/unauthenticated/style.css' />
<script type='text/javascript' src='/unauthenticated/toggleview.js'></script>
<script>
var rowsel = new Array();
</script>
.....
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
ort !!!!
