How to make squid proxy to allow all connections from different IPs
I setup squid proxy on my VPS on DigitalOcean. But I have a problem - my home IP address changes constantly, since it is dynamic. I tried to use no-ip (since it's free) but when I add acl myhome srcdomain mydomain.no-ip.org
, I cannot connect to the proxy.
I also tried to add a dot in mydomain.no-ip.org, but still no luck. So I decided to open it to all, so no matter what my home IP is, still, I can't connect to squid.
How can I allow squid to accept all incoming connections, regardless of the originating IP address? Or do is there a workaround?
ubuntu-14.04 squid proxy-server
add a comment |
I setup squid proxy on my VPS on DigitalOcean. But I have a problem - my home IP address changes constantly, since it is dynamic. I tried to use no-ip (since it's free) but when I add acl myhome srcdomain mydomain.no-ip.org
, I cannot connect to the proxy.
I also tried to add a dot in mydomain.no-ip.org, but still no luck. So I decided to open it to all, so no matter what my home IP is, still, I can't connect to squid.
How can I allow squid to accept all incoming connections, regardless of the originating IP address? Or do is there a workaround?
ubuntu-14.04 squid proxy-server
add a comment |
I setup squid proxy on my VPS on DigitalOcean. But I have a problem - my home IP address changes constantly, since it is dynamic. I tried to use no-ip (since it's free) but when I add acl myhome srcdomain mydomain.no-ip.org
, I cannot connect to the proxy.
I also tried to add a dot in mydomain.no-ip.org, but still no luck. So I decided to open it to all, so no matter what my home IP is, still, I can't connect to squid.
How can I allow squid to accept all incoming connections, regardless of the originating IP address? Or do is there a workaround?
ubuntu-14.04 squid proxy-server
I setup squid proxy on my VPS on DigitalOcean. But I have a problem - my home IP address changes constantly, since it is dynamic. I tried to use no-ip (since it's free) but when I add acl myhome srcdomain mydomain.no-ip.org
, I cannot connect to the proxy.
I also tried to add a dot in mydomain.no-ip.org, but still no luck. So I decided to open it to all, so no matter what my home IP is, still, I can't connect to squid.
How can I allow squid to accept all incoming connections, regardless of the originating IP address? Or do is there a workaround?
ubuntu-14.04 squid proxy-server
ubuntu-14.04 squid proxy-server
edited Jul 16 '15 at 4:08
fixer1234
18.9k144982
18.9k144982
asked Jul 16 '15 at 1:56
user469790user469790
612
612
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Did you also use this after you defined the ACL:
http_access allow myhome
Another suggestion if you cant get the no-ip to work, is perhaps defining an entire range of IP's. If you track your IP changes you should be able to work out a list of addresses. In my case I usually I only get a few addresses and they are all in the same networks.
Eg. I will get something like: 192.168.1.25 and then only the last 1 or 2 numbers change. So you could simply allow all IP's from 192.168.0.0. Not the nicest solution, I think your no-ip solution is much better if u can get that to work.
EDIT: Some info on how to enable more debug info to work out why you cant get access, In squid.conf enable debugging for section 33 at level 2. For example:
debug_options ALL,1 33,2
Restart squid then try and use your proxy, when it fails to work check the cache.log for the error. That should hopefully tell you why its not working.
Also just as a test to make sure your no-ip domain is working correctly as sometimes it takes a while for DNS to catch up, use:
nslookup no-ip-host-name
That should return your IP address, check to make sure that is actually your IP. If they dont match its because the DNS servers configured are a bit slow to update. I found OpenDNS is pretty quick for updates. Let me know if you need more info.
actually, i already allow it. but i cannot connect when using no-ip. but, when i useacl myhome src my-public-ip-here
instead ofacl myhome srcdomain no-ip-domain-here
i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server
– user469790
Jul 16 '15 at 5:31
yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.
– dakka
Jul 16 '15 at 6:56
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f941200%2fhow-to-make-squid-proxy-to-allow-all-connections-from-different-ips%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Did you also use this after you defined the ACL:
http_access allow myhome
Another suggestion if you cant get the no-ip to work, is perhaps defining an entire range of IP's. If you track your IP changes you should be able to work out a list of addresses. In my case I usually I only get a few addresses and they are all in the same networks.
Eg. I will get something like: 192.168.1.25 and then only the last 1 or 2 numbers change. So you could simply allow all IP's from 192.168.0.0. Not the nicest solution, I think your no-ip solution is much better if u can get that to work.
EDIT: Some info on how to enable more debug info to work out why you cant get access, In squid.conf enable debugging for section 33 at level 2. For example:
debug_options ALL,1 33,2
Restart squid then try and use your proxy, when it fails to work check the cache.log for the error. That should hopefully tell you why its not working.
Also just as a test to make sure your no-ip domain is working correctly as sometimes it takes a while for DNS to catch up, use:
nslookup no-ip-host-name
That should return your IP address, check to make sure that is actually your IP. If they dont match its because the DNS servers configured are a bit slow to update. I found OpenDNS is pretty quick for updates. Let me know if you need more info.
actually, i already allow it. but i cannot connect when using no-ip. but, when i useacl myhome src my-public-ip-here
instead ofacl myhome srcdomain no-ip-domain-here
i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server
– user469790
Jul 16 '15 at 5:31
yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.
– dakka
Jul 16 '15 at 6:56
add a comment |
Did you also use this after you defined the ACL:
http_access allow myhome
Another suggestion if you cant get the no-ip to work, is perhaps defining an entire range of IP's. If you track your IP changes you should be able to work out a list of addresses. In my case I usually I only get a few addresses and they are all in the same networks.
Eg. I will get something like: 192.168.1.25 and then only the last 1 or 2 numbers change. So you could simply allow all IP's from 192.168.0.0. Not the nicest solution, I think your no-ip solution is much better if u can get that to work.
EDIT: Some info on how to enable more debug info to work out why you cant get access, In squid.conf enable debugging for section 33 at level 2. For example:
debug_options ALL,1 33,2
Restart squid then try and use your proxy, when it fails to work check the cache.log for the error. That should hopefully tell you why its not working.
Also just as a test to make sure your no-ip domain is working correctly as sometimes it takes a while for DNS to catch up, use:
nslookup no-ip-host-name
That should return your IP address, check to make sure that is actually your IP. If they dont match its because the DNS servers configured are a bit slow to update. I found OpenDNS is pretty quick for updates. Let me know if you need more info.
actually, i already allow it. but i cannot connect when using no-ip. but, when i useacl myhome src my-public-ip-here
instead ofacl myhome srcdomain no-ip-domain-here
i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server
– user469790
Jul 16 '15 at 5:31
yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.
– dakka
Jul 16 '15 at 6:56
add a comment |
Did you also use this after you defined the ACL:
http_access allow myhome
Another suggestion if you cant get the no-ip to work, is perhaps defining an entire range of IP's. If you track your IP changes you should be able to work out a list of addresses. In my case I usually I only get a few addresses and they are all in the same networks.
Eg. I will get something like: 192.168.1.25 and then only the last 1 or 2 numbers change. So you could simply allow all IP's from 192.168.0.0. Not the nicest solution, I think your no-ip solution is much better if u can get that to work.
EDIT: Some info on how to enable more debug info to work out why you cant get access, In squid.conf enable debugging for section 33 at level 2. For example:
debug_options ALL,1 33,2
Restart squid then try and use your proxy, when it fails to work check the cache.log for the error. That should hopefully tell you why its not working.
Also just as a test to make sure your no-ip domain is working correctly as sometimes it takes a while for DNS to catch up, use:
nslookup no-ip-host-name
That should return your IP address, check to make sure that is actually your IP. If they dont match its because the DNS servers configured are a bit slow to update. I found OpenDNS is pretty quick for updates. Let me know if you need more info.
Did you also use this after you defined the ACL:
http_access allow myhome
Another suggestion if you cant get the no-ip to work, is perhaps defining an entire range of IP's. If you track your IP changes you should be able to work out a list of addresses. In my case I usually I only get a few addresses and they are all in the same networks.
Eg. I will get something like: 192.168.1.25 and then only the last 1 or 2 numbers change. So you could simply allow all IP's from 192.168.0.0. Not the nicest solution, I think your no-ip solution is much better if u can get that to work.
EDIT: Some info on how to enable more debug info to work out why you cant get access, In squid.conf enable debugging for section 33 at level 2. For example:
debug_options ALL,1 33,2
Restart squid then try and use your proxy, when it fails to work check the cache.log for the error. That should hopefully tell you why its not working.
Also just as a test to make sure your no-ip domain is working correctly as sometimes it takes a while for DNS to catch up, use:
nslookup no-ip-host-name
That should return your IP address, check to make sure that is actually your IP. If they dont match its because the DNS servers configured are a bit slow to update. I found OpenDNS is pretty quick for updates. Let me know if you need more info.
edited Jul 16 '15 at 6:55
answered Jul 16 '15 at 2:33
dakkadakka
1114
1114
actually, i already allow it. but i cannot connect when using no-ip. but, when i useacl myhome src my-public-ip-here
instead ofacl myhome srcdomain no-ip-domain-here
i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server
– user469790
Jul 16 '15 at 5:31
yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.
– dakka
Jul 16 '15 at 6:56
add a comment |
actually, i already allow it. but i cannot connect when using no-ip. but, when i useacl myhome src my-public-ip-here
instead ofacl myhome srcdomain no-ip-domain-here
i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server
– user469790
Jul 16 '15 at 5:31
yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.
– dakka
Jul 16 '15 at 6:56
actually, i already allow it. but i cannot connect when using no-ip. but, when i use
acl myhome src my-public-ip-here
instead of acl myhome srcdomain no-ip-domain-here
i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server– user469790
Jul 16 '15 at 5:31
actually, i already allow it. but i cannot connect when using no-ip. but, when i use
acl myhome src my-public-ip-here
instead of acl myhome srcdomain no-ip-domain-here
i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server– user469790
Jul 16 '15 at 5:31
yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.
– dakka
Jul 16 '15 at 6:56
yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.
– dakka
Jul 16 '15 at 6:56
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f941200%2fhow-to-make-squid-proxy-to-allow-all-connections-from-different-ips%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown