Squid from the outside

[Gentoo Bob]

Hey, I just installed squid on my system and I have pretty much left my squid.conf file default. I can access squid from my small network at home but when I'm outside my network I cannot. I am however hitting the proxy because I get the page displayed that I'm trying to reach "www.yahoo.com" but I don't have permission, access denied. So I know my ports are open and etc, and its not a networking issue. I think it is something in my config file and these acl's and I cant figure out what. The squid.conf file is so huge I know I'm missing something. Help anyone?
_________________
AMD 64 X2 4400+ on ECS nForce4
2GB DDR, 250GB SATA, GeForce 5500FX 256MB DDR2 PCI-E
---and----
Dell Inspiron E1505 Laptop
Intel Centrino Duo, 2GB RAM, 80GB SATA HDD, Intel3490 ABG Wireless,CDRW

[nevynxxx]

Off the top of my head I would agree that it is the acls, I think squid, by default limits access to the local subnet.

Open the squid file, and search for acl.

Most of the conf file is a very verbose description of the options, reading that is better in my experiance than any other docuemntation.
_________________
My Public Key

Wanted: Instructor in the art of Bowyery

[Gentoo Bob]

That really doesn't help me. I need more info on that. Where in the ACL's do I need make a change or add? and if I do need to add? Thats that problem I'm having. I want users from the outside to use the proxy and I can't.
_________________
AMD 64 X2 4400+ on ECS nForce4
2GB DDR, 250GB SATA, GeForce 5500FX 256MB DDR2 PCI-E
---and----
Dell Inspiron E1505 Laptop
Intel Centrino Duo, 2GB RAM, 80GB SATA HDD, Intel3490 ABG Wireless,CDRW

[nevynxxx]

There will be acls that deinfe the subnets that are allowed access.

Have you done as I said? Have you looked at the docs on the squid-cache website? These are the first two places to look.

If you are not willing to read, people are not willing to help.

The comments in the squid file make this just about as clear as it is possible to be, if you don't understand them, are you in a position to be opening this service to the world?

I don't mean to be harsh, and I don't mean to sound unhelpful, but when it comes to giveing the world access to your computer, the short answer is "Don't", the long answer is "Only if you really, really, know what you are doing, and have a really good reason to."
_________________
My Public Key

Wanted: Instructor in the art of Bowyery

[Gentoo Bob]

Hey I figured it out. Yes I read. I'm always reading. It was just a little confusing. I didnt really mean to give public access, just was having trouble saying the right words. Like I said, its a two part process...first define the ACL and then give it access with the HTTP_access syntax. That was what I was missing. It wasnt clear in documentations. Luckily i figured it out. Thanks for trying to help!
_________________
AMD 64 X2 4400+ on ECS nForce4
2GB DDR, 250GB SATA, GeForce 5500FX 256MB DDR2 PCI-E
---and----
Dell Inspiron E1505 Laptop
Intel Centrino Duo, 2GB RAM, 80GB SATA HDD, Intel3490 ABG Wireless,CDRW

[think4urs11]

hopefully you did narrow down the ip addresses to be allowed to access/use your squid as tight as possible.
Otherwise you will end up on various open proxy, maybe even spam lists (last depending on e.g. if you allow CONNECT outbound on port 25)
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself

[Gentoo Bob]

I sure did buddy! By the way Diane Keaton is HOT!!!
_________________
AMD 64 X2 4400+ on ECS nForce4
2GB DDR, 250GB SATA, GeForce 5500FX 256MB DDR2 PCI-E
---and----
Dell Inspiron E1505 Laptop
Intel Centrino Duo, 2GB RAM, 80GB SATA HDD, Intel3490 ABG Wireless,CDRW