Squid 3.5.20 No Internet Access
I installed Squid Proxy 3.5.20 on CentOS 7.
The server is connected to the internet and pings.
Squid is running with no errors.
When I try to pass through Squid in Chrome, I get no internet access for both HTTP and HTTPS sites, even local IPs (192.168.95.x).
I configured a whitelist.txt with all the domains I want to grant access to, and even set chmod 0777 on it to avoid any rights problems.
I removed the acl whitelist lines in squid.conf to remove any restriction.
I tried and got the same problem with both Ubuntu Server and CentOS 7. Maybe this newer version of Squid requires some extra configuration, as I previously installed it on Ubuntu Server and it worked as intended until the server crashed and I had to install a new one.
Here is my configuration:
acl my_network src 192.168.95.0/24 # My LAN
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl whitelist dstdomain "/etc/squid/whitelist.txt"
http_access allow whitelist
http_access deny !whitelist
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
#http_access deny to_localhost
http_access allow my_network
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 3128
#cache_dir ufs /var/spool/squid 100 16 256
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
Here is my ethernet interface:
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp2s0"
UUID="f9ae5b5e-552c-49f7-b2c9-44c1de033cea"
DEVICE="enp2s0"
ONBOOT="yes"
IPADDR="192.168.95.3"
PREFIX="24"
GATEWAY="192.168.95.1"
DNS1="8.8.8.8"
IPV6_PRIVACY="no"
Note that my LAN is 192.168.95.x/24, the proxy server is 192.168.95.3, and we only use IPv4.
Any suggestions would be appreciated.
This is the log of Squid when restarting the service, no log when trying to access a website:
2021/03/08 16:15:39| Squid is already running! Process ID 1763
2021/03/08 16:15:41| Set Current Directory to /var/spool/squid
2021/03/08 16:15:41 kid1| Preparing for shutdown after 0 requests
2021/03/08 16:15:41 kid1| Waiting 30 seconds for active connections to finish
2021/03/08 16:15:41 kid1| Closing HTTP port [::]:3128
2021/03/08 16:15:41 kid1| Set Current Directory to /var/spool/squid
2021/03/08 16:15:41 kid1| Starting Squid Cache version 3.5.20 for x86_64-redhat-linux-gnu...
2021/03/08 16:15:41 kid1| Service Name: squid
2021/03/08 16:15:41 kid1| Process ID 1791
2021/03/08 16:15:41 kid1| Process Roles: worker
2021/03/08 16:15:41 kid1| With 16384 file descriptors available
2021/03/08 16:15:41 kid1| Initializing IP Cache...
2021/03/08 16:15:41 kid1| DNS Socket created at [::], FD 6
2021/03/08 16:15:41 kid1| DNS Socket created at 0.0.0.0, FD 8
2021/03/08 16:15:41 kid1| Adding nameserver 8.8.8.8 from /etc/resolv.conf
2021/03/08 16:15:41 kid1| Logfile: opening log daemon:/var/log/squid/access.log
2021/03/08 16:15:41 kid1| Logfile Daemon: opening log /var/log/squid/access.log
2021/03/08 16:15:41 kid1| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2021/03/08 16:15:41 kid1| Store logging disabled
2021/03/08 16:15:41 kid1| Swap maxSize 0 + 262144 KB, estimated 20164 objects
2021/03/08 16:15:41 kid1| Target number of buckets: 1008
2021/03/08 16:15:41 kid1| Using 8192 Store buckets
2021/03/08 16:15:41 kid1| Max Mem size: 262144 KB
2021/03/08 16:15:41 kid1| Max Swap size: 0 KB
2021/03/08 16:15:41 kid1| Using Least Load store dir selection
2021/03/08 16:15:41 kid1| Set Current Directory to /var/spool/squid
2021/03/08 16:15:41 kid1| Finished loading MIME types and icons.
2021/03/08 16:15:41 kid1| HTCP Disabled.
2021/03/08 16:15:41 kid1| Squid plugin modules loaded: 0
2021/03/08 16:15:41 kid1| Adaptation support is off.
2021/03/08 16:15:41 kid1| Accepting HTTP Socket connections at local=[::]:3128 remote=[::] FD 11 flags=9
2021/03/08 16:15:42 kid1| storeLateRelease: released 0 objects
Chrome shows ERR_PROXY_CONNECTION_FAILED
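Separate from the connection failure, the http_access order in the configuration above matters once clients can reach the proxy: Squid applies the first matching line, so `allow whitelist` at the top decides every request before the port, CONNECT and source-address rules are evaluated. The following is an added example, not the poster's code, that models this first-match evaluation; the whitelist entry, the client addresses and the reordered rule set are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

WHITELIST = (".example.com",)  # constructed stand-in for /etc/squid/whitelist.txt
SAFE = {21, 70, 80, 210, 280, 443, 488, 591, 777}

# Each ACL name from the posted config, as a predicate over one request.
ACLS = {
    "whitelist": lambda r: any(r["host"] == d[1:] or r["host"].endswith(d)
                               for d in WHITELIST),
    "Safe_ports": lambda r: r["port"] in SAFE or 1025 <= r["port"] <= 65535,
    "SSL_ports": lambda r: r["port"] == 443,
    "CONNECT": lambda r: r["method"] == "CONNECT",
    "my_network": lambda r: ip_address(r["src"]) in ip_network("192.168.95.0/24"),
    "all": lambda r: True,
}

# http_access lines in the posted order (localhost/manager/localnet lines omitted).
POSTED = """
allow whitelist
deny !whitelist
deny !Safe_ports
deny CONNECT !SSL_ports
allow my_network
deny all
"""

# Assumed intent: only LAN clients, only whitelisted sites, port checks first.
REORDERED = """
deny !Safe_ports
deny CONNECT !SSL_ports
allow my_network whitelist
deny all
"""

def decide(rules, req):
    """Return (action, line) for the first line whose ACLs all match (ACLs are ANDed)."""
    for line in rules.strip().splitlines():
        action, *names = line.split()
        if all(ACLS[n.lstrip("!")](req) != n.startswith("!") for n in names):
            return action, line
    return "deny", "(no match)"  # unreachable here: both sets end in "deny all"

# Constructed sample requests.
LAN = {"src": "192.168.95.20", "method": "GET", "host": "www.example.com", "port": 80}
OUTSIDE = dict(LAN, src="203.0.113.9")          # client outside 192.168.95.0/24
CONNECT_25 = dict(LAN, method="CONNECT", port=25)  # tunnel to a non-SSL port
```

With the posted order, `decide(POSTED, OUTSIDE)` and `decide(POSTED, CONNECT_25)` are both allowed by the first line, while the reordered set denies them and still allows `LAN`.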
Your problem was a firewall rule blocking access to port 3128/tcp.
To grant access permanently to this port you may want to add a rule like this:
sudo iptables -A INPUT -i $iflan -p tcp --dport 3128 -j ACCEPT
Please replace $iflan with the name of your LAN interface.
To make the firewall rules permanent, you can use the following commands:
sudo yum update
sudo yum install iptables-persistent
sudo invoke-rc.d iptables-persistent save
This documentation on iptables provides further guidance on this topic.
Edit: added commands to install iptables-persistent.