Cant get squid proxy to work

i need squid proxy on my centos server. But i just can't get it to work. I did yum install squid. Here is my squid.conf file (i removed all comments):

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80      
acl Safe_ports port 21      
acl Safe_ports port 443     
acl Safe_ports port 70      
acl Safe_ports port 210     
acl Safe_ports port 1025-65535  
acl Safe_ports port 280     
acl Safe_ports port 488     
acl Safe_ports port 591     
acl Safe_ports port 777     
acl CONNECT method CONNECT
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all

icp_access allow all

http_port 3128

hierarchy_stoplist cgi-bin ?

access_log /var/log/squid/access.log squid

acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY

refresh_pattern ^ftp:       1440    20% 10080
refresh_pattern ^gopher:    1440    0%  1440
refresh_pattern .       0   20% 4320

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

coredump_dir /var/spool/squid

Then i just put my server's public ip and port 3128 into my web browsers proxy settings... but it isn't working i can't visit any website. Please help. Thanks.

danielgratz

Posted 2011-05-04T07:27:00.647

Reputation: 29

my firewall is off... i.e, iptables has default policy of ACCEPT on all tables. – danielgratz – 2011-05-04T07:29:53.513

Answers

The configuration file for squid doesn't use /24 to define subnets, use: 192.168.1.0/255.255.255.0 instead...

smintz

Posted 2011-05-04T07:27:00.647

Reputation: 1 086

I would start by verifying that the service is running and then I would check to see if it is listening on 3128 like you expect. Telnet is a quick tool for checking TCP ports.

telnet your.centos.box 3128

It will tell you if it was able to connect. You could also use netstat on your centos box to do the same thing. After that, I would check /var/log/squid/access.log to see if there are any signs of your testing with firefox. It has been a while since I played with squid so there may be some logging options you may need to change/setup to get good output. I would also consider allowing http access from 'all' until you get things running but only if you are doing this on an internal network or you setup your firewall to prevent abuse.

chuck

Posted 2011-05-04T07:27:00.647

Reputation: 504

I'm guessing Squid is starting when you hit service squid start?

If not check to see if it is failing to start, usually it fails when you forget to add the FQDN, and also have you initialized the cache.

If Squid is running open up a ssh window and tail -f /var/log/squid/access.log while trying to access via client that is configured to use proxy and see what error messages appear.

Also you could consider installed webmin, and setup Squid using the GUI.

http://www.webmin.com/

And its easy to install, just download the .rpm and install the package and sorted.

SamCulley

Posted 2011-05-04T07:27:00.647

Reputation: 63