0

I had cureently installed squid3-3.4.8 on Debian with following script

#!/bin/bash

# add Debian Wheezy backports repository
cat <<EOF> /etc/apt/sources.list.d/wheezy-backports.list
deb http://ftp.de.debian.org/debian wheezy-backports main
deb-src http://ftp.de.debian.org/debian wheezy-backports main
EOF

# update repository list
apt-get update

# install required dev packages
apt-get install -y wget openssl devscripts build-essential libssl-dev

# install debian squid3 source code
apt-get source -y squid3

# install all required dependeny packages
apt-get build-dep -y squid3

# enable SSL support
wget -q http://dl.panticz.de/squid/squid3-3.4.8_enable_ssl.diff -O - | patch -p2 squid3-3.4.8/debian/rules

# build packages
cd squid3-3.4.8
debuild -us -uc

apt-get install logrotate
dpkg -i *.deb
apt-get install -f

After that modified /etc/squid3/squid.conf

#acl manager proto cache_object
#acl localhost src 127.0.0.1/32 ::1
#acl to_localhost dst 127.0.0.1/8 0.0.0.0/32 ::1
visible_hostname SRSQUID3
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
http_access allow all
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
http_port 3128 accel defaultsite=cona-proxy vhost
#cache_peer 192.168.122.11 parent 80 0 no-query originserver login=PAS name=webserver
cache_dir ufs /var/spool/squid3 100 16 256
coredump_dir /var/spool/squid3
refresh_pattern ^ftp:   1440    20% 10080
refresh_pattern ^gopher:    1440    0%  1440
refresh_pattern -i (/cgi-bin/|\?)   0   0%  0
refresh_pattern (Release|Packages(.gz)*)$   0   20% 2880
refresh_pattern .   0   20% 4320
always_direct allow all
acl server_users dstdomain cona-proxy
http_access allow server_users
#cache_peer_access webserver allow server_users
#cache_peer_access webserver deny all

acl myhosts src 10.10.0.0/255.255.0.0
http_access allow myhosts

In domain computer pointed to this proxy, and openning http page gives:

It works!
This is default web page for this server.
The web server software is running but no content has been added, yet.

It's apache's info. cat /var/log/squid3/access.log displays no access to squid, only apache's logs are written. Https page diplays: this page cannot be displayed, but firt i want at least http to work. Any help is appreciated.

user359042
  • 1
  • Where is apache coming into the mix? Is the client pointing at squids port (3128) ? – tweeks200 Jun 05 '16 at 16:02
  • so .. a reverse-proxy setup being abused to make it an open-proxy, then having browsers configured to use it as a forward/explicit proxy. complete mess. What is this proxy actually supposed to be doing? – Amos Jeffries Sep 28 '16 at 04:33

2 Answers2

0

Yes, that was pointing to 80 port, which is apache. 3128 port in browser solved the problem.

user359050
  • 1
  • 2
    With a bit of editing this could become an answer to the question. However as it stands now, it looks more like a comment than an answer. – kasperd Jun 05 '16 at 18:34
0

Make sure the client is pointing to squid (port 3128) and not to apache (probably port 80)

tweeks200
  • 351
  • 1
  • 3
  • 11