Squid IPv6 Configuration

  • Posted:
  • Proposals: 1
  • Remote
  • #73276
  • Expired
Nitin N. has already sent a proposal.
  • 0

Description

Experience Level: Intermediate
Need help troubleshooting my Squid 3.1 configuration running on a Linux Debian Squeeze VPS.

I'm setting up an anonomous proxy server using ipv6 IPs. My VPS has 5 ipv4 and a /64 block of ipv6. The ipv4 proxies are working fine but the ipv6 is not working. I'm not sure if it's a bug in Squid or my setup needs to be corrected or if a work around needs to be done.

The first two lines in the below code works fine but the ipv6 address causes an error when I use the ipv6 ips in my Internet Explorer 8. I'm using [2607:f2f8:aea8::3] port 3128 as the proxy.

acl ip2 myip 206.125.169.211
tcp_outgoing_address 206.125.169.211 ip2
acl ip1 myip 2607:f2f8:aea8::3
tcp_outgoing_address 2607:f2f8:aea8::3 ip1

When I remove the last two lines of the above code and use [2607:f2f8:aea8::3] as a proxy, there's no error, but the ip shows up as 206.125.169.212 when using whatismyip.com.

Another issue. There seems to be a delay in switching over the ips. When I switch from one ipv4 to another and use whatismyip.com, the old ips shows up until 10-20 seconds later. I disabled the cache using no_cache deny all. Please review that code as well.

Below is my squid.conf file. If we need to test it on my server, I'll provide you access with username/password.
*************************************
#Turn Off Cache
#acl all src 0.0.0.0/0.0.0.0
no_cache deny all
cache_access_log none
cache_store_log none

#acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl SSL_ports port 443
acl Safe_ports port 80
# http
acl Safe_ports port 21
# ftp
acl Safe_ports port 443
# https
acl Safe_ports port 70
# gopher
acl Safe_ports port 210
# wais
acl Safe_ports port 1025-65535
# unregistered ports
acl Safe_ports port 280
# http-mgmt
acl Safe_ports port 488
# gss-http
acl Safe_ports port 591
# filemaker
acl Safe_ports port 777
# multiling http
acl CONNECT method CONNECT
http_access allow all
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
#http_access deny all
http_port 3128

#***********************************************
# ipv4 works, ipv6 doesn't
#***********************************************
acl ip2 myip 206.125.169.211
tcp_outgoing_address 206.125.169.211 ip2
acl ip1 myip 2607:f2f8:aea8::3
tcp_outgoing_address 2607:f2f8:aea8::3 ip1

#***********************************************
#Setting up highly anonomous elite proxy server
#***********************************************
forwarded_for delete

request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access All deny all

#***********************************************

hierarchy_stoplist cgi-bin ?
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4

New Proposal

Create an account now and send a proposal now to get this project.

Sign up

Clarification Board Ask a Question

    There are no clarification messages.