I have mentioned my LAN network as
was that not enough, am i missing something in below configuration?

On Mon, Mar 19, 2012 at 11:28 PM, Edmonds Namasenda <namase...@gmail.com> wrote:
> You might need a firewall of sorts.
> And, you need to specify your LAN's network (s) in Squid conf.
> I.P.N Edmonds
> Systems | Networks | ICTs
> UgM: +256 71 227 3374 | TzM: +255 68 422 1561
> # 22249, Kampala Uganda.
> -----Original Message-----
> From: Vijay S <vi...@reactmedia.com>
> Date: Mon, 19 Mar 2012 23:22:30
> To: <namase...@gmail.com>; <squid-users@squid-cache.org>
> Subject: Re: [squid-users] whitelisted IP problem
> DO i have to do any IP tables configurations for this as well?
> On Mon, Mar 19, 2012 at 10:57 PM, Vijay <vi...@reactmedia.com> wrote:
>> I am still a beginner, I googled some site and found this configuration
>> initially it was this
>> #
>> # Recommended minimum configuration:
>> #
>> acl manager proto cache_object
>> acl server src
>> acl localhost src ::1
>> acl to_localhost dst ::1
>> # Example rule allowing access from your local networks.
>> # Adapt to list your (internal) IP networks from where browsing
>> # should be allowed
>> acl localnet src     # RFC1918 possible internal network
>> acl localnet src  # RFC1918 possible internal network
>> acl localnet src # RFC1918 possible internal network
>> acl localnet src fc00::/7       # RFC 4193 local private network range
>> acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged)
>> machines
>> acl SSL_ports port 443
>> acl Safe_ports port 80          # http
>> acl Safe_ports port 21          # ftp
>> acl Safe_ports port 443         # https
>> acl Safe_ports port 70          # gopher
>> acl Safe_ports port 210         # wais
>> acl Safe_ports port 1025-65535  # unregistered ports
>> acl Safe_ports port 280         # http-mgmt
>> acl Safe_ports port 488         # gss-http
>> acl Safe_ports port 591         # filemaker
>> acl Safe_ports port 777         # multiling http
>> acl CONNECT method CONNECT
>> #
>> # Recommended minimum Access Permission configuration:
>> #
>> # Only allow cachemgr access from localhost
>> http_access allow manager localhost server
>> http_access deny manager
>> # Deny requests to certain unsafe ports
>> http_access deny !Safe_ports
>> # Deny CONNECT to other than secure SSL ports
>> http_access deny CONNECT !SSL_ports
>> # We strongly recommend the following be uncommented to protect innocent
>> # web applications running on the proxy server who think the only
>> # one who can access services on "localhost" is a local user
>> #http_access deny to_localhost
>> #
>> #
>> # Example rule allowing access from your local networks.
>> # Adapt localnet in the ACL section to list your (internal) IP networks
>> # from where browsing should be allowed
>> http_access allow localnet
>> http_access allow localhost server
>> # And finally deny all other access to this proxy
>> http_access deny all
>> # Squid normally listens to port 3128
>> http_port 3128
>> # We recommend you to use at least the following line.
>> hierarchy_stoplist cgi-bin ?
>> # Uncomment and adjust the following to add a disk cache directory.
>> #cache_dir ufs /var/spool/squid 100 16 256
>> # Leave coredumps in the first cache dir
>> coredump_dir /var/spool/squid
>> # Add any of your own refresh_pattern entries above these.
>> refresh_pattern ^ftp:           1440    20%     10080
>> refresh_pattern ^gopher:        1440    0%      1440
>> refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
>> refresh_pattern .               0       20%     4320
>> visible_hostname reactmedia.com
>> debug_options ALL,1 33,2 28,9
>> tcp_outgoing_address
>> Thanks & Regards
>> Vijay
>> -----Original Message-----
>> From: Edmonds Namasenda [mailto:namase...@gmail.com]
>> Sent: Monday, March 19, 2012 10:33 PM
>> To: Vijay S; squid-users@squid-cache.org
>> Subject: Re: [squid-users] whitelisted IP problem
>> Vijay,
>> Just a quick look has shown me you did not specify your network and there
>> are a few typo errors.
>> Re-adjust, test, and fill us in some more.
>> I.P.N Edmonds
>> Systems | Networks | ICTs
>> UgM: +256 71 227 3374 | TzM: +255 68 422 1561 # 22249, Kampala Uganda.
>> -----Original Message-----
>> From: Vijay S <vi...@reactmedia.com>
>> Date: Mon, 19 Mar 2012 22:28:03
>> To: <squid-users@squid-cache.org>
>> Subject: [squid-users] whitelisted IP problem Hi
>> I have a my server box hosting apache and squid on centos machine.
>> When I send my request for clients feeds it works as they have whitelisted
>> my IP address, and when I make the call via squid its give me invalid IP. I
>> checked the access log for more information and found out instead of sending
>> my IP address its sending the localhost IP address (
>> I googled a little and found that using tcp_outgoing_address directive I can
>> control the outgoing IP address  and to my bad luck this didn't work
>> My configuration file is as follows
>> acl all src all
>> acl manager proto cache_object
>> acl localhost src acl to_localhost dst
>> acl SSL_ports port 443
>> acl Safe_ports port 80          # http
>> acl Safe_ports port 21          # ftp
>> acl Safe_ports port 443         # https
>> acl Safe_ports port 70          # gopher
>> acl Safe_ports port 210         # wais
>> acl Safe_ports port 1025-65535  # unregistered ports
>> acl Safe_ports port 280         # http-mgmt
>> acl Safe_ports port 488         # gss-http
>> acl Safe_ports port 591         # filemaker
>> acl Safe_ports port 777         # multiling http
>> acl CONNECT method CONNECT
>> http_access allow manager localhost
>> http_access deny manager
>> http_access deny !Safe_ports
>> http_access deny CONNECT !SSL_ports
>> http_access allow localhost
>> http_access deny all
>> icp_access allow all
>> http_port 3128
>> visible_hostname loclahost
>> debug_options ALL,1 33,2 28,9
>> tcp_outgoing_address
>> Can somebody help me with configuration for the my servers. It will be of
>> great help.
>> Thanks & Regards
>> Vijay

Reply via email to