Solved

squid proxy

Posted on 2006-11-05
18
675 Views
Last Modified: 2010-04-20
hello,
I have squid proxy and I also have 5 ips
I have edited the .conf file so I can
use the ips like this

http_port ip1:port1
http_port ip2:port2
http_port ip3:port3
http_port ip4:port4
http_port ip5:port5

when I connect to the ip and port it always
gives me the main IP.. how can I fix it?
0
Comment
Question by:Sabrin
  • 9
  • 8
18 Comments
 
LVL 48

Expert Comment

by:Tintin
ID: 17879313
What gives you the main IP address?  Do you mean the source address of the request?
0
 

Author Comment

by:Sabrin
ID: 17879327
ip2location.com shows me only the main ip
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 17879350
You mean the squid connects to remotes using always one IP?
Use 'tcp_outgoing_address' configuration directive to change it.
0
 

Author Comment

by:Sabrin
ID: 17880095
yes that what im using, like this

tcp_outgoing_address ip1
tcp_outgoing_address ip2
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 17880151
tcp_outgoing_address can't be used that way - will always use first match. That's it - the tcp_outgoing_address can bind one outgoing address for some ACLs, another for others ACLs. From the manual, which You propably already seen
#  TAG: tcp_outgoing_address
#       Allows you to map requests to different outgoing IP addresses
#       based on the username or sourceaddress of the user making
#       the request.
#
#       tcp_outgoing_address ipaddr [[!]aclname] ...
#
#       Example where requests from 10.0.0.0/24 will be forwareded
#       with source address 10.1.0.1, 10.0.2.0/24 forwarded with
#       source address 10.1.0.2 and the rest will be forwarded with
#       source address 10.1.0.3.
#
#       acl normal_service_net src 10.0.0.0/255.255.255.0
#       acl good_service_net src 10.0.1.0/255.255.255.0
#       tcp_outgoing_address 10.0.0.1 normal_service_net
#       tcp_outgoing_address 10.0.0.2 good_service_net
#       tcp_outgoing_address 10.0.0.3
#
#       Processing proceeds in the order specified, and stops at first fully
#       matching line.
0
 

Author Comment

by:Sabrin
ID: 17880381
I saw that but i dont understand! how it should be ?
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 17880423
An how You want it to behave?
0
 

Author Comment

by:Sabrin
ID: 17880441
lets say these are my ips and the ports i want to use them
86.65.25.101:3120
86.65.25.102:3121
86.65.25.103:3122
how can I do that ?


0
 
LVL 43

Expert Comment

by:ravenpl
ID: 17880459
Do You want the squid should pick random source IP while connectiong to remote http server?
If so, I think You have to do it with linux's iptables rather than from squid itself
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:Sabrin
ID: 17880758
dude, I only want to use 1 ip per port!
If I connect to 86.65.25.101:3120
and I go to ip2location.com I want to see 86.65.25.101
same thing with 86.65.25.102:3121 and 86.65.25.103:3122
thats it!
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 17880820
dude, why it took You so long to be clear! (or maybe I have problems - possible as english is not my native)

acl from_ip1 myip 86.65.25.101
acl from_ip2 myip 86.65.25.102
tcp_outgoing_address 86.65.25.101 from_ip1
tcp_outgoing_address 86.65.25.102 from_ip2
tcp_outgoing_address 86.65.25.101 # always leave there some defaults...

Note - You can't control source port on outgoing tcp connection. It will be choosen randomly by system.
0
 

Author Comment

by:Sabrin
ID: 17880868
what if I just open port 3120 from firewall and I connect to
the 5 ips I have will ip2location be able to show that IP ?
If so how can I do it?
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 17880907
I'm sorry - I don't get You.
You have to open firewall for each IP:port the squid listens. Apart from that You should allow any ESTABLISHED connection to the squid box. And finally You should allow any outgoing connection from the squid box.

The config I provided tells squid to initiate remote connection from same localIP, as it received the proxy request on.
In other words: if client connects to squid at 86.65.25.102:3128, squid will(if required) connect to remote www server from 86.65.25.102
0
 

Author Comment

by:Sabrin
ID: 17881053
ok but I have 5 ip addresses not just 2
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 17881156
dude, make it for all five addresses - should be easy to folow the pattern...
0
 

Author Comment

by:Sabrin
ID: 17881623
ok correct me if im worng!

acl from_ip1 myip 86.65.25.101
acl from_ip2 myip 86.65.25.102
acl from_ip1 myip 86.65.25.103
acl from_ip2 myip 86.65.25.104
acl from_ip1 myip 86.65.25.105

tcp_outgoing_address 86.65.25.101 from_ip1
tcp_outgoing_address 86.65.25.102 from_ip2
tcp_outgoing_address 86.65.25.103 from_ip1
tcp_outgoing_address 86.65.25.104 from_ip2
tcp_outgoing_address 86.65.25.105 from_ip1

tcp_outgoing_address 86.65.25.101
tcp_outgoing_address 86.65.25.102
tcp_outgoing_address 86.65.25.103
tcp_outgoing_address 86.65.25.104
tcp_outgoing_address 86.65.25.105
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 17881648
You wrong.

acl from_ip1 myip 86.65.25.101
acl from_ip2 myip 86.65.25.102
acl from_ip1 myip 86.65.25.103
acl from_ip2 myip 86.65.25.104
acl from_ip1 myip 86.65.25.105

tcp_outgoing_address 86.65.25.101 from_ip1
tcp_outgoing_address 86.65.25.102 from_ip2
tcp_outgoing_address 86.65.25.103 from_ip1
tcp_outgoing_address 86.65.25.104 from_ip2
tcp_outgoing_address 86.65.25.105 from_ip1
tcp_outgoing_address 86.65.25.101 # default one - eg. if connected from localhost
0
 
LVL 43

Accepted Solution

by:
ravenpl earned 500 total points
ID: 17881653
And I'm wrong as well.

acl from_ip1 myip 86.65.25.101
acl from_ip2 myip 86.65.25.102
acl from_ip3 myip 86.65.25.103
acl from_ip4 myip 86.65.25.104
acl from_ip5 myip 86.65.25.105

tcp_outgoing_address 86.65.25.101 from_ip1
tcp_outgoing_address 86.65.25.102 from_ip2
tcp_outgoing_address 86.65.25.103 from_ip3
tcp_outgoing_address 86.65.25.104 from_ip4
tcp_outgoing_address 86.65.25.105 from_ip5
tcp_outgoing_address 86.65.25.101 # default one - eg. if connected from localhost
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

Suggested Solutions

Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now