Discover Centmin Mod today
Register Now

SQUID proxy problem, can't get it to work!

Discussion in 'Other Web Apps usage' started by JClarkKent2006, Mar 11, 2016.

  1. JClarkKent2006

    JClarkKent2006 New Member

    8
    1
    3
    Jul 28, 2014
    Ratings:
    +1
    Local Time:
    9:08 PM
    latest as of 07-2014
    ERROR
    The requested URL could not be retrieved
    The following error was encountered while trying to retrieve the URL: What Is My IP - The IP Address Experts - WhatIsMyIP.com ®

    Connection to 2400:cb00:2048:1::c629:ca9d failed.

    The system returned: (110) Connection timed out

    The remote host or network may be down. Please try the request again.

    Your cache administrator is root.

    Generated Thu, 10 Mar 2016 17:12:14 GMT by server1 (squid/3.1.23)




    This is displayed anytime I try to use my squid proxy server on centminmod.
    this is my SQUID.CONF

    IP Tables and CSF both have port 3128 completely open. I don't understand why squid won't work. I added a USER / Password via command

    htpasswd /etc/squid/passwd USERNAME
    New password: Typedpassword
    Re-enter password: Typedpasswordconfirmationagain


    Code:
    http_port 3128
    cache deny all
    hierarchy_stoplist cgi-bin ?
    
    access_log none
    cache_store_log none
    cache_log /dev/null
    
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
    refresh_pattern . 0 20% 4320
    
    acl manager proto cache_object
    acl localhost src 127.0.0.1/32 ::1
    acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
    
    acl SSL_ports port 1-65535
    acl Safe_ports port 1-65535
    acl CONNECT method CONNECT
    acl siteblacklist dstdomain "/etc/squid/blacklist.acl"
    http_access allow manager localhost
    http_access deny manager
    
    http_access deny !Safe_ports
    
    http_access deny CONNECT !SSL_ports
    http_access deny siteblacklist
    auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
    
    auth_param basic children 5
    auth_param basic realm Squid proxy-caching web server
    auth_param basic credentialsttl 2 hours
    acl password proxy_auth REQUIRED
    http_access allow localhost
    http_access allow password
    http_access deny all
    
    
    forwarded_for off
    request_header_access Allow allow all
    request_header_access Authorization allow all
    request_header_access WWW-Authenticate allow all
    request_header_access Proxy-Authorization allow all
    request_header_access Proxy-Authenticate allow all
    request_header_access Cache-Control allow all
    request_header_access Content-Encoding allow all
    request_header_access Content-Length allow all
    request_header_access Content-Type allow all
    request_header_access Date allow all
    request_header_access Expires allow all
    request_header_access Host allow all
    request_header_access If-Modified-Since allow all
    request_header_access Last-Modified allow all
    request_header_access Location allow all
    request_header_access Pragma allow all
    request_header_access Accept allow all
    request_header_access Accept-Charset allow all
    request_header_access Accept-Encoding allow all
    request_header_access Accept-Language allow all
    request_header_access Content-Language allow all
    request_header_access Mime-Version allow all
    request_header_access Retry-After allow all
    request_header_access Title allow all
    request_header_access Connection allow all
    request_header_access Proxy-Connection allow all
    request_header_access User-Agent allow all
    request_header_access Cookie allow all
    request_header_access All deny all
    
    
     
  2. eva2000

    eva2000 Administrator Staff Member

    30,152
    6,782
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,133
    Local Time:
    12:08 PM
    Nginx 1.13.x
    MariaDB 5.5
    Centmin Mod is provide as is, so short of scripted related bugs or issues, any further optimisation to the web stack components - nginx, php-fpm, mariadb mysql, csf firewall etc or web app specific configurations are left to the Centmin Mod user to deal with. So I do not provide any free support for such apps like Squid proxy.

    However, Centmin Mod users are free to help each other out and ask questions or give answers on this community forum. My hopes are that this community forum evolves so that more veteran long time Centmin Mod users help new Centmin Mod users out :)

    With that said, sounds like you haven't setup proper DNS AAAA records for your domain's IPv6 address ? You'll need to contact your web host to figure out your assigned IPv6 addresses and then setup a DNS AAAA record to point to an IPv6 address assigned to your server. If unsure about DNS side, you'd need to ask your domain registrar/dns provider.

    If you have correct DNS AAAA record setup for domain, then ensure CSF Firewall has whitelisted the IPv6 version ports in TCP6_IN/TCP6_OUT which is a separate comma separated port list from IPv4 version TCP_IN/TCP_OUT in /etc/csf/csf.conf outlined at CSF Firewall - CentminMod.com LEMP Nginx web stack for CentOS
     
  3. JClarkKent2006

    JClarkKent2006 New Member

    8
    1
    3
    Jul 28, 2014
    Ratings:
    +1
    Local Time:
    9:08 PM
    latest as of 07-2014
    Thank you for your response,
    Is there a guide on how to setup DNS AAA records? Is this something I need to do with Moniker ( DOMAIN REGISTAR), such as manage DNS and create a nameserver pointing to an IP6 address.

    I'm simply trying to setup a PRIVATE proxy ONLY for my use through my webserver (hosts public small websites), I wouldn't think it would have anything to do with IP6 normally? Maybe only when trying to resolve out to the world? But "WGET What Is My IP Address? IP Address Tools and More" works so it's not a resolving issue. Are you confident about the IP6 being involved?

    I'm accessing the server via IP 4 protocol, that doens't matter does it? 23.xxx.xxx.190 for instance. I haven't used IP6 before, all my websites use IP4
     
  4. eva2000

    eva2000 Administrator Staff Member

    30,152
    6,782
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,133
    Local Time:
    12:08 PM
    Nginx 1.13.x
    MariaDB 5.5
    yes your domain registrar/tech support or their documentation should have guide or info for DNS AAAA setups
     
  5. JClarkKent2006

    JClarkKent2006 New Member

    8
    1
    3
    Jul 28, 2014
    Ratings:
    +1
    Local Time:
    9:08 PM
    latest as of 07-2014
    I just contacted moniker tech support for guidance.

    You're sure I'm not supposed to add a DNS AAAA record in NSD am I ?

    I don't see any fields to add / manage nameservers with IPv6, just seems strange.

    Anyone else have experience installing SQUID on centmin/centos 6 and have this Initial problem while setting it up the first time?
     
  6. eva2000

    eva2000 Administrator Staff Member

    30,152
    6,782
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,133
    Local Time:
    12:08 PM
    Nginx 1.13.x
    MariaDB 5.5
  7. eva2000

    eva2000 Administrator Staff Member

    30,152
    6,782
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,133
    Local Time:
    12:08 PM
    Nginx 1.13.x
    MariaDB 5.5