LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 12-19-2018, 12:43 AM   #1
anonaii
LQ Newbie
 
Registered: Dec 2018
Distribution: Ubuntu
Posts: 4

Rep: Reputation: Disabled
Squid proxy(3.5) denying access to port on local network


I'm trying to set up Squid proxy on my CentOS machine, but it won't allow access to the port I set it on, on Firefox it will just say "Proxy is refusing connections". I've tried multiple ports, but it won't allow access to any of them.
sudo netstat -peanut gives me this:
Code:
tcp        0      0 127.0.0.1:3128          0.0.0.0:*               LISTEN      0          55512      6861/(squid-1)      
udp        0      0 0.0.0.0:50232           0.0.0.0:*                           23         55509      6861/(squid-1)      
udp6       0      0 :::39479                :::*                                23         55508      6861/(squid-1)
But nmap -A gives me this:
Code:
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey: 
|   Censored 
|_  Censored
So the port is open and listening, but not accepting traffic from LAN computers. I've tried to specify my computer's local IP, but that didn't work either

Here's my config file, It's just the default 3.5 config though:
https://pastebin.com/raw/qkvL76Rs

Last edited by anonaii; 12-19-2018 at 01:22 AM.
 
Old 12-19-2018, 03:01 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,643

Rep: Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813
Quote:
Originally Posted by anonaii View Post
I'm trying to set up Squid proxy on my CentOS machine, but it won't allow access to the port I set it on, on Firefox it will just say "Proxy is refusing connections". I've tried multiple ports, but it won't allow access to any of them.
sudo netstat -peanut gives me this:
Code:
tcp        0      0 127.0.0.1:3128          0.0.0.0:*               LISTEN      0          55512      6861/(squid-1)      
udp        0      0 0.0.0.0:50232           0.0.0.0:*                           23         55509      6861/(squid-1)      
udp6       0      0 :::39479                :::*                                23         55508      6861/(squid-1)
But nmap -A gives me this:
Code:
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey: 
|   Censored 
|_  Censored
So the port is open and listening, but not accepting traffic from LAN computers. I've tried to specify my computer's local IP, but that didn't work either

Here's my config file, It's just the default 3.5 config though:
https://pastebin.com/raw/qkvL76Rs
Your config file looks correct, but from the netstat output it's obvious that squid listens only on the local loopback interface. That's why LAN computers cannot connect to it.
Perhaps you're using a different squid.conf.

If your box is systemd capable, you can run:
Code:
systemctl status squid
to see the config file used at runtime

Regards
 
Old 12-19-2018, 03:52 AM   #3
anonaii
LQ Newbie
 
Registered: Dec 2018
Distribution: Ubuntu
Posts: 4

Original Poster
Rep: Reputation: Disabled
Apparently, I used the wrong netstat output, the correct one is
Code:
{~}::sudo netstat -peanut | grep squid
tcp6       0      0 :::3128                 :::*                    LISTEN      0          35268      4582/(squid-1)      
udp        0      0 0.0.0.0:37639           0.0.0.0:*                           23         35263      4582/(squid-1)      
udp6       0      0 :::51355                :::*                                23         35262      4582/(squid-1)
And my systemctl output is
Code:
   Loaded: loaded (/usr/lib/systemd/system/squid.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2010-01-10 08:26:11 CST; 24min ago
  Process: 4541 ExecStop=/usr/sbin/squid -k shutdown -f $SQUID_CONF (code=exited, status=1/FAILURE)
  Process: 4579 ExecStart=/usr/sbin/squid $SQUID_OPTS -f $SQUID_CONF (code=exited, status=0/SUCCESS)
  Process: 4572 ExecStartPre=/usr/libexec/squid/cache_swap.sh (code=exited, status=0/SUCCESS)
 Main PID: 4580 (squid)
   CGroup: /system.slice/squid.service
           ├─4580 /usr/sbin/squid -f /etc/squid/squid.conf
           ├─4582 (squid-1) -f /etc/squid/squid.conf
           ├─4583 (logfile-daemon) /var/log/squid/access.log
           └─4584 (unlinkd)

Jan 10 08:26:11 CentOS systemd[1]: Starting Squid caching proxy...
Jan 10 08:26:11 CentOS squid[4580]: Squid Parent: will start 1 kids
Jan 10 08:26:11 CentOS squid[4580]: Squid Parent: (squid-1) process 4582 started
Jan 10 08:26:11 CentOS systemd[1]: Started Squid caching proxy.
So it's using the right config, but it still seems like I can't access the port
 
Old 12-19-2018, 04:35 AM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,643

Rep: Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813Reputation: 1813
Quote:
So it's using the right config, but it still seems like I can't access the port
Then it should be a firewall blocking connections to port 3128.
 
Old 12-19-2018, 04:39 AM   #5
anonaii
LQ Newbie
 
Registered: Dec 2018
Distribution: Ubuntu
Posts: 4

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
Then it should be a firewall blocking connections to port 3128.
I don't have a firewall on either computers, the CentOS machine is a minimal install, and the port is inaccessible from both my laptop, and my Raspberry Pi.
 
Old 12-19-2018, 04:51 AM   #6
anonaii
LQ Newbie
 
Registered: Dec 2018
Distribution: Ubuntu
Posts: 4

Original Poster
Rep: Reputation: Disabled
I'm an idiot, firewalld was installed and running
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid Proxy(centos):How to configure internet access for a specific IP address to access only YouTube on squid proxy raymond m Linux - Newbie 3 07-26-2017 04:05 PM
Squid server denying access Dashadower Linux - Software 1 01-08-2014 03:23 AM
configure squid proxy with microsoft proxy as a parent proxy nintykola Linux - Software 1 08-28-2007 02:38 AM
denying computer thur mac address squid slack66 Slackware 0 11-22-2006 08:56 AM
Denying access to SSH but allow access to FTP nemesisza Linux - Security 5 03-14-2004 11:25 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:19 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration