-1

I have a Linux box (Ubuntu 9.10) at a different location. I installed squid proxy and tried using that IP and port (opened 3128 at that location) in Firefox. I can't get it to work.

My current scenario :

  • The current location ISP's IP is 72.87.54.XX
  • Each machine in the network has the IP range 192.168.0.0/104

In /etc/squid/squid.conf : how would I configure this part in acl :

acl internal_network src 192.168.0.0/104
http_access allow internal_network

Where would I put the actual IP 72.87.54.XX in the squid.conf file to be allowed for internet traffic at the remote location?

ThinkCode
  • 184
  • 2
  • 10
  • 1
    Define 'doesn't work'. Do you get squid access denied pages or what? If you do a tcpdump on the squid box do you see the incoming requests for port 3128? What do you see in the squid cache/access logs? – Zoredache Jan 04 '12 at 21:19
  • 1
    BTW You know that Ubuntu 9.10 is no longer supported right? You should seriously consider updating, so you can receive security patches. – Zoredache Jan 04 '12 at 21:23
  • Yeah, we will have to place an update request for the latest version of Ubuntu. Checked the logs, I see the IP from the remote location where a test machine was used to check Squid. It worked at the remote location but not from my location. I don't get a Squid denied access page either. – ThinkCode Jan 04 '12 at 22:40
  • 192.168.0.0/104 isn't a valid IPv4 address range as there are only 32 bits in the address (rather than the 104+ implied by your netmask). Is that a typo? – Pak Aug 09 '17 at 11:48

1 Answers1

-1

You will want an extra couple of lines like this:

acl office_network src 72.87.54.0/104
http_access allow office_network

The name "office_network" is arbitrary and should match whatever makes sense for what the IP addresses are used for.

The /104 is not what I'm used to seeing. This is normally /24 which represents an IPv4 netmask covering the first three octets and leaving the last one free.

Ladadadada
  • 26,337
  • 7
  • 59
  • 90
  • Actually, on reading your question again, I'm not sure which of the IP addresses is the Squid server and which is your office. Could you clarify? – Ladadadada Jan 04 '12 at 17:52
  • Squid server has a different IP like 31.101.xx.xx port 3128 open. My office : Comcast's IP is 72.87.54.xx. I thought 72.87.54.0/104 is supposed to be the range. 24 makes sense. Will try... – ThinkCode Jan 04 '12 at 17:54
  • This didn't work either :( I am kinda lost on the config file! – ThinkCode Jan 04 '12 at 18:06
  • Does your firewall allow inbound connections from 72.87.54.0/24 on port 3128? – Exsisto Jan 14 '16 at 09:04