28-Mar-02 at 10:49, Marc Elsen (marc.elsen@imec.be) wrote :
> > Today I got complain that one of our users could not access
> > http://ezproxy.lib.monash.edu.au:2242. Then I tried to use IP subnet
> > block that not through proxy. It works ! So I assume that transparent
> > proxy (and it's components) did not allow user browse using port 2242.
>
> Check squid.conf; from head : you should define the port in 'allowed
> ports'
> acl section.
My understanding of transparent proxying is that you grab connections on
port 80 and re-route them through the proxy. However, sites on alternate
ports will be connected to directly, I think, because the traffic is not
going out on port 80 and thus cannot be redirected to Squid.
Perhaps a solution is for users who need sites on different ports (rare)
should add a manual proxy configuration in their browser, then all
requests will be directed to the proxy. This is preferable, for sure, than
grabbing all traffic on port 2242, which could theoretically be used for
other communications and cause unusual results.
Of course, you will have to allow those ports which will be accessed
through the correct acl port configuration.
Regards,
-- [Simon White. vim/mutt. simon@mtds.com. GIMPS:58.27% see www.mersenne.org] It is impossible to sharpen a pencil with a blunt axe. It is equally vain to try to do it with ten blunt axes instead. -- E. W. Dijkstra [Arbitrary quotes signature rotation, a simple bash script by Simon White]Received on Thu Mar 28 2002 - 02:59:50 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:10 MST