How to make squid proxy to allow all connections from different IPs












1















I setup squid proxy on my VPS on DigitalOcean. But I have a problem - my home IP address changes constantly, since it is dynamic. I tried to use no-ip (since it's free) but when I add acl myhome srcdomain mydomain.no-ip.org, I cannot connect to the proxy.



I also tried to add a dot in mydomain.no-ip.org, but still no luck. So I decided to open it to all, so no matter what my home IP is, still, I can't connect to squid.



How can I allow squid to accept all incoming connections, regardless of the originating IP address? Or do is there a workaround?






ubuntu-14.04 squid proxy-server







share|improve this question





























    1















    I setup squid proxy on my VPS on DigitalOcean. But I have a problem - my home IP address changes constantly, since it is dynamic. I tried to use no-ip (since it's free) but when I add acl myhome srcdomain mydomain.no-ip.org, I cannot connect to the proxy.



    I also tried to add a dot in mydomain.no-ip.org, but still no luck. So I decided to open it to all, so no matter what my home IP is, still, I can't connect to squid.



    How can I allow squid to accept all incoming connections, regardless of the originating IP address? Or do is there a workaround?






    ubuntu-14.04 squid proxy-server







    share|improve this question



























      1












      1








      1








      I setup squid proxy on my VPS on DigitalOcean. But I have a problem - my home IP address changes constantly, since it is dynamic. I tried to use no-ip (since it's free) but when I add acl myhome srcdomain mydomain.no-ip.org, I cannot connect to the proxy.



      I also tried to add a dot in mydomain.no-ip.org, but still no luck. So I decided to open it to all, so no matter what my home IP is, still, I can't connect to squid.



      How can I allow squid to accept all incoming connections, regardless of the originating IP address? Or do is there a workaround?






      ubuntu-14.04 squid proxy-server







      share|improve this question
















      I setup squid proxy on my VPS on DigitalOcean. But I have a problem - my home IP address changes constantly, since it is dynamic. I tried to use no-ip (since it's free) but when I add acl myhome srcdomain mydomain.no-ip.org, I cannot connect to the proxy.



      I also tried to add a dot in mydomain.no-ip.org, but still no luck. So I decided to open it to all, so no matter what my home IP is, still, I can't connect to squid.



      How can I allow squid to accept all incoming connections, regardless of the originating IP address? Or do is there a workaround?






      ubuntu-14.04 squid proxy-server




      ubuntu-14.04 squid proxy-server






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Jul 16 '15 at 4:08









      fixer1234

      18.9k144982




      18.9k144982










      asked Jul 16 '15 at 1:56









      user469790user469790

      612




      612






















          1 Answer
          1






          active

          oldest

          votes


















          0














          Did you also use this after you defined the ACL:



          http_access allow myhome


          Another suggestion if you cant get the no-ip to work, is perhaps defining an entire range of IP's. If you track your IP changes you should be able to work out a list of addresses. In my case I usually I only get a few addresses and they are all in the same networks.



          Eg. I will get something like: 192.168.1.25 and then only the last 1 or 2 numbers change. So you could simply allow all IP's from 192.168.0.0. Not the nicest solution, I think your no-ip solution is much better if u can get that to work.



          EDIT: Some info on how to enable more debug info to work out why you cant get access, In squid.conf enable debugging for section 33 at level 2. For example:



          debug_options ALL,1 33,2


          Restart squid then try and use your proxy, when it fails to work check the cache.log for the error. That should hopefully tell you why its not working.



          Also just as a test to make sure your no-ip domain is working correctly as sometimes it takes a while for DNS to catch up, use:



          nslookup no-ip-host-name


          That should return your IP address, check to make sure that is actually your IP. If they dont match its because the DNS servers configured are a bit slow to update. I found OpenDNS is pretty quick for updates. Let me know if you need more info.






          share|improve this answer


























          • actually, i already allow it. but i cannot connect when using no-ip. but, when i use acl myhome src my-public-ip-here instead of acl myhome srcdomain no-ip-domain-here i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server

            – user469790
            Jul 16 '15 at 5:31











          • yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.

            – dakka
            Jul 16 '15 at 6:56











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f941200%2fhow-to-make-squid-proxy-to-allow-all-connections-from-different-ips%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          0














          Did you also use this after you defined the ACL:



          http_access allow myhome


          Another suggestion if you cant get the no-ip to work, is perhaps defining an entire range of IP's. If you track your IP changes you should be able to work out a list of addresses. In my case I usually I only get a few addresses and they are all in the same networks.



          Eg. I will get something like: 192.168.1.25 and then only the last 1 or 2 numbers change. So you could simply allow all IP's from 192.168.0.0. Not the nicest solution, I think your no-ip solution is much better if u can get that to work.



          EDIT: Some info on how to enable more debug info to work out why you cant get access, In squid.conf enable debugging for section 33 at level 2. For example:



          debug_options ALL,1 33,2


          Restart squid then try and use your proxy, when it fails to work check the cache.log for the error. That should hopefully tell you why its not working.



          Also just as a test to make sure your no-ip domain is working correctly as sometimes it takes a while for DNS to catch up, use:



          nslookup no-ip-host-name


          That should return your IP address, check to make sure that is actually your IP. If they dont match its because the DNS servers configured are a bit slow to update. I found OpenDNS is pretty quick for updates. Let me know if you need more info.






          share|improve this answer


























          • actually, i already allow it. but i cannot connect when using no-ip. but, when i use acl myhome src my-public-ip-here instead of acl myhome srcdomain no-ip-domain-here i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server

            – user469790
            Jul 16 '15 at 5:31











          • yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.

            – dakka
            Jul 16 '15 at 6:56
















          0














          Did you also use this after you defined the ACL:



          http_access allow myhome


          Another suggestion if you cant get the no-ip to work, is perhaps defining an entire range of IP's. If you track your IP changes you should be able to work out a list of addresses. In my case I usually I only get a few addresses and they are all in the same networks.



          Eg. I will get something like: 192.168.1.25 and then only the last 1 or 2 numbers change. So you could simply allow all IP's from 192.168.0.0. Not the nicest solution, I think your no-ip solution is much better if u can get that to work.



          EDIT: Some info on how to enable more debug info to work out why you cant get access, In squid.conf enable debugging for section 33 at level 2. For example:



          debug_options ALL,1 33,2


          Restart squid then try and use your proxy, when it fails to work check the cache.log for the error. That should hopefully tell you why its not working.



          Also just as a test to make sure your no-ip domain is working correctly as sometimes it takes a while for DNS to catch up, use:



          nslookup no-ip-host-name


          That should return your IP address, check to make sure that is actually your IP. If they dont match its because the DNS servers configured are a bit slow to update. I found OpenDNS is pretty quick for updates. Let me know if you need more info.






          share|improve this answer


























          • actually, i already allow it. but i cannot connect when using no-ip. but, when i use acl myhome src my-public-ip-here instead of acl myhome srcdomain no-ip-domain-here i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server

            – user469790
            Jul 16 '15 at 5:31











          • yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.

            – dakka
            Jul 16 '15 at 6:56














          0












          0








          0







          Did you also use this after you defined the ACL:



          http_access allow myhome


          Another suggestion if you cant get the no-ip to work, is perhaps defining an entire range of IP's. If you track your IP changes you should be able to work out a list of addresses. In my case I usually I only get a few addresses and they are all in the same networks.



          Eg. I will get something like: 192.168.1.25 and then only the last 1 or 2 numbers change. So you could simply allow all IP's from 192.168.0.0. Not the nicest solution, I think your no-ip solution is much better if u can get that to work.



          EDIT: Some info on how to enable more debug info to work out why you cant get access, In squid.conf enable debugging for section 33 at level 2. For example:



          debug_options ALL,1 33,2


          Restart squid then try and use your proxy, when it fails to work check the cache.log for the error. That should hopefully tell you why its not working.



          Also just as a test to make sure your no-ip domain is working correctly as sometimes it takes a while for DNS to catch up, use:



          nslookup no-ip-host-name


          That should return your IP address, check to make sure that is actually your IP. If they dont match its because the DNS servers configured are a bit slow to update. I found OpenDNS is pretty quick for updates. Let me know if you need more info.






          share|improve this answer















          Did you also use this after you defined the ACL:



          http_access allow myhome


          Another suggestion if you cant get the no-ip to work, is perhaps defining an entire range of IP's. If you track your IP changes you should be able to work out a list of addresses. In my case I usually I only get a few addresses and they are all in the same networks.



          Eg. I will get something like: 192.168.1.25 and then only the last 1 or 2 numbers change. So you could simply allow all IP's from 192.168.0.0. Not the nicest solution, I think your no-ip solution is much better if u can get that to work.



          EDIT: Some info on how to enable more debug info to work out why you cant get access, In squid.conf enable debugging for section 33 at level 2. For example:



          debug_options ALL,1 33,2


          Restart squid then try and use your proxy, when it fails to work check the cache.log for the error. That should hopefully tell you why its not working.



          Also just as a test to make sure your no-ip domain is working correctly as sometimes it takes a while for DNS to catch up, use:



          nslookup no-ip-host-name


          That should return your IP address, check to make sure that is actually your IP. If they dont match its because the DNS servers configured are a bit slow to update. I found OpenDNS is pretty quick for updates. Let me know if you need more info.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Jul 16 '15 at 6:55

























          answered Jul 16 '15 at 2:33









          dakkadakka

          1114




          1114













          • actually, i already allow it. but i cannot connect when using no-ip. but, when i use acl myhome src my-public-ip-here instead of acl myhome srcdomain no-ip-domain-here i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server

            – user469790
            Jul 16 '15 at 5:31











          • yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.

            – dakka
            Jul 16 '15 at 6:56



















          • actually, i already allow it. but i cannot connect when using no-ip. but, when i use acl myhome src my-public-ip-here instead of acl myhome srcdomain no-ip-domain-here i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server

            – user469790
            Jul 16 '15 at 5:31











          • yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.

            – dakka
            Jul 16 '15 at 6:56

















          actually, i already allow it. but i cannot connect when using no-ip. but, when i use acl myhome src my-public-ip-here instead of acl myhome srcdomain no-ip-domain-here i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server

          – user469790
          Jul 16 '15 at 5:31





          actually, i already allow it. but i cannot connect when using no-ip. but, when i use acl myhome src my-public-ip-here instead of acl myhome srcdomain no-ip-domain-here i can connect to the internet. so what i did, i allow all. but i don't know if this is a good idea since anyone can use this when they know the ip of my squid server

          – user469790
          Jul 16 '15 at 5:31













          yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.

          – dakka
          Jul 16 '15 at 6:56





          yea that makes your proxy a public one, u will have people using that very soon. People use port scanners to find them. So best to fix it. I've added more info to my answer for you. Hope that helps.

          – dakka
          Jul 16 '15 at 6:56


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f941200%2fhow-to-make-squid-proxy-to-allow-all-connections-from-different-ips%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Plaza Victoria

          Image
          Plaza Victoria Plaza Victoria en 2017 Otros nombres Plaza de La Victoria Localización El Almendral, Valparaíso, Chile Vías adyacentes Chacabuco, Molina, Plaza Victoria y Edwards Creación 1841 Metro Bellavista Ubicación 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 Coordenadas: 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 [editar datos en Wikidata] La Plaza Victoria , también llamada Plaza de la Victoria , [ 1 ] ​ es una plaza ubicada en el sector El Almendral del plan de la ciudad de Valparaíso, Chile, de importancia patrimonial, que incluye valiosas estatuas y especies vegetales. [ 2 ] ​ La plaza se creó como tal en la primera mitad del siglo XIX, tomando previamente los nombres de Plaza Nueva y Plaza de Orrego . Si bien desde sus inicios tuvo relevancia histórica, no fue sino a partir de fines de los años 1860 cuando comenzó a cobrar mayor importancia y se convirtió en uno de los principales centros sociales de l
          Read more

          In PowerPoint, is there a keyboard shortcut for bulleted / numbered list?

          Image
          .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 2 OneNote has two useful keyboard shortcuts for bulleted and numbered lists, namely Ctrl + . and Ctrl + - . Is there something similar for PowerPoint where the work with lists is also very common? Haven't found anything here: Use keyboard shortcuts in PowerPoint. keyboard-shortcuts microsoft-powerpoint share | improve this question edited Aug 14 '14 at 14:49 Linger 2,826 10 28 40
          Read more

          How to put 3 figures in Latex with 2 figures side by side and 1 below these side by side images but in...

          Image
          1 0 I want to put 3 images in LateX such as 2 figures are side by side horizotally and 3rd figure below these 2 side by side figures but in middle. I have following code: begin{figure}[H] centering begin{minipage}{.5textwidth} centering includegraphics[width=.50linewidth]{Text/Images/Genelec_8010_AP.jpg} captionof{figure}{Genelec 8010 AP} label{fig:Genelec 8010} end{minipage}% begin{minipage}{.5textwidth} centering includegraphics[width=.69linewidth]{Text/Images/Genelec_8020_CPM.jpg} captionof{figure}{Genelec 8020 CPM} label{fig:Genelec 8020} end{minipage}% end{figure} %%Here is my 3rd picture code begin{figure} centering includegraphics[width=5cm]{Text/Images/Genelec_8030_BPM.jpg} caption{Genelec 8030 BPM} label{fig:Genelec 8030} end{figure} I want to ask ho
          Read more