[squid-users] [NOC] Squid configuration for application running in a docker container

Francesco Chemolli gkinkie at gmail.com
Tue Sep 9 20:38:42 UTC 2025

Next message (by thread): [squid-users] Error during build of version 7.1 from sources
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
  is Squid running in the same docker container as the application?
Have you tried using a non-loopback address to connect to squid?

On Sun, Sep 7, 2025 at 10:49 PM Somdatta.Nath at gd-ms.com
<Somdatta.Nath at gd-ms.com> wrote:
>
> Hello,
>
>
>
> I have downloaded squid proxy application to test java spring webclient proxy setting.  When I am running the application as a java application, I am able to modify squid.conf and pass the netty reactor http request via proxy tunnel.  But when I am running the application in a docker container, the connection to proxy (http:127.0.0.1:3128) is getting refused.
>
>
>
> I tried to allow all the traffic as well as allow docker subnet. I have used the following rules.
>
> #
>
> # Recommended minimum configuration:
>
> #
>
> # Prefer IPv4 addresses first
>
> dns_v4_first on
>
>
>
> # Example rule allowing access from your local networks.
>
> # Adapt to list your (internal) IP networks from where browsing
>
> # should be allowed
>
> acl localnet src 10.89.0.0/24           # podman kube subnet
>
> acl localnet src 0.0.0.1-0.255.255.255  # RFC 1122 "this" network (LAN)
>
> acl localnet src 10.0.0.0/8             # RFC 1918 local private network (LAN)
>
> acl localnet src 100.64.0.0/10          # RFC 6598 shared address space (CGN)
>
> acl localnet src 169.254.0.0/16         # RFC 3927 link-local (directly plugged) machines
>
> #acl localnet src 172.16.0.0/12         # RFC 1918 local private network (LAN)
>
> #acl localnet src 192.168.0.0/16                # RFC 1918 local private network (LAN)
>
> #acl localnet src fc00::/7              # RFC 4193 local private network range
>
> #acl localnet src fe80::/10             # RFC 4291 link-local (directly plugged) machines
>
> acl localhost src 127.0.0.1/32
>
> acl all src all
>
> #acl all src 0.0.0.0/0
>
> #acl to_localhost  dst 127.0.0.1/32
>
> #acl udlsimulator dst 127.0.0.1/32
>
>
>
> acl SSL_ports port 443
>
> acl Safe_ports port 80          # http
>
> acl safe_ports port 8080
>
> acl Safe_ports port 21          # ftp
>
> acl Safe_ports port 443         # https
>
> acl Safe_ports port 210         # wais
>
> acl Safe_ports port 1025-65535  # unregistered ports
>
> acl Safe_ports port 280         # http-mgmt
>
> acl Safe_ports port 488         # gss-http
>
> acl Safe_ports port 591         # filemaker
>
> acl Safe_ports port 777         # multiling http
>
> acl CONNECT method CONNECT
>
>
>
> #Specify hosts file
>
> hosts_file /etc/hosts
>
>
>
> http_access allow all
>
> http_access allow localnet
>
>
>
>
>
> However, the squid proxy is refusing connection to the docker application
>
>
>
>
>
> Thank you,
>
> Somdatta
>
>
>
> SW Engineer,
>
> 8201 E McDowell Road,
>
> Scottsdale AZ 85257
>
> Ph:480.441.3703
>
>
>
>
>
> This message and/or attachments may include information subject to GDC4S O.M. 1.8.6 and GD Corporate Policy 07-105 and are intended to be accessed only by authorized recipients.  Use, storage and transmission are governed by General Dynamics and its policies. Contractual restrictions apply to third parties.  Recipients should refer to the policies or contract to determine proper handling.  Unauthorized review, use, disclosure or distribution is prohibited.  If you are not an intended recipient, please contact the sender and destroy all copies of the original message.
>
>
>
> _______________________________________________
> NOC mailing list
> NOC at lists.squid-cache.org
> https://lists.squid-cache.org/listinfo/noc



-- 
    Francesco

Next message (by thread): [squid-users] Error during build of version 7.1 from sources
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the squid-users mailing list