Cant get squid proxy to work
Solution 1
I would start by verifying that the service is running and then I would check to see if it is listening on 3128 like you expect. Telnet is a quick tool for checking TCP ports.
telnet your.centos.box 3128
It will tell you if it was able to connect. You could also use netstat on your centos box to do the same thing. After that, I would check /var/log/squid/access.log to see if there are any signs of your testing with firefox. It has been a while since I played with squid so there may be some logging options you may need to change/setup to get good output. I would also consider allowing http access from 'all' until you get things running but only if you are doing this on an internal network or you setup your firewall to prevent abuse.
Solution 2
The configuration file for squid doesn't use /24
to define subnets, use: 192.168.1.0/255.255.255.0
instead...
Related videos on Youtube
danielgratz
Updated on September 18, 2022Comments
-
danielgratz over 1 year
i need squid proxy on my centos server. But i just can't get it to work. I did yum install squid. Here is my squid.conf file (i removed all comments):
acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT acl our_networks src 192.168.1.0/24 192.168.2.0/24 http_access allow our_networks http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all icp_access allow all http_port 3128 hierarchy_stoplist cgi-bin ? access_log /var/log/squid/access.log squid acl QUERY urlpath_regex cgi-bin \? cache deny QUERY refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl apache rep_header Server ^Apache broken_vary_encoding allow apache coredump_dir /var/spool/squid
Then i just put my server's public ip and port 3128 into my web browsers proxy settings... but it isn't working i can't visit any website. Please help. Thanks.
-
danielgratz about 13 yearsmy firewall is off... i.e, iptables has default policy of ACCEPT on all tables.
-