Re: [squid-users] strange https problem

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 10 Jul 2002 12:34:05 +0200

Smells like you have forgotten to tell Squid that you are inside a
firewall and cannot go directly.. see the FAQ.

Regards
Henrik

On Wednesday 10 July 2002 11.33, Arkadi Colson wrote:

> When I watch my loggings I can see a deny of traffic to hotmail on
> port 80 on my external interface. The deny is normal because I
> can't go directly anyway to sites on port 80 because my ISP is
> blocking this. I have to go via my ISP proxy. Squid is configured
> and should do this. Even when I allow this traffic, it still
> doesn't work.
>
> versions
> iptables: 1.2.5-5
> squid: 2.4.STABLE6-6.7.3
>
> my squid.conf
>
> http_port 3128
> icp_port 0
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
> acl all src 0/0
> no_cache deny all
> cache_mem 10 MB
> maximum_object_size 1 KB
> cache_peer proxy.pandora.be parent 8080 0 no-query default
> emulate_httpd_log on
> cache_dir ufs /var/spool/squid 100 16 256
> cache_access_log /var/log/squid/access.log
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl SSL_ports port 443 563
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> acl CONNECT method CONNECT
> acl flapkefw src 10.1.5.100/255.255.255.255
> acl flapkelt src 10.1.5.12/255.255.255.255
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow flapkelt
> http_access allow flapkefw
> http_access deny all
> httpd_accel_host virtual
> httpd_accel_port 80
> httpd_accel_with_proxy on
> httpd_accel_uses_host_header on
> logfile_rotate 1000
>
> iptables
>
> iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
>
> I hope someone can help me
>
> thanks already
>
> Arkadi
Received on Wed Jul 10 2002 - 04:34:21 MDT
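
The following check is an added example, not part of the original thread and not Squid project code. It assumes the FAQ setting referred to in the reply is the `never_direct` directive (as in `never_direct allow all`), and flags a squid.conf that names a parent proxy but still lets Squid attempt direct connections; the function names are hypothetical.

```python
# Added example: lint a squid.conf for "parent configured, direct still allowed".

# Constructed sample: the forwarding-relevant lines of the squid.conf quoted above.
QUOTED_CONF = """\
http_port 3128
acl all src 0.0.0.0/0.0.0.0
cache_peer proxy.pandora.be parent 8080 0 no-query default
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
"""


def directives(conf_text):
    """Yield (name, args) for each directive, skipping blanks and # comments."""
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            name, *args = line.split()
            yield name, args


def lint_forwarding(conf_text):
    """Return findings about requests that can still bypass the parent proxy."""
    parents, acls, findings = [], set(), []
    has_never_direct_allow = False
    for name, args in directives(conf_text):
        if name == "acl" and args:
            acls.add(args[0])
        elif name == "cache_peer" and len(args) >= 2 and args[1] == "parent":
            parents.append(args[0])
        elif name == "never_direct" and len(args) >= 2:
            # ACLs must be defined before the rule that uses them.
            missing = [a for a in args[1:] if a.lstrip("!") not in acls]
            if missing:
                findings.append("never_direct uses undefined acl: " + ", ".join(missing))
            elif args[0] == "allow":
                has_never_direct_allow = True
    if parents and not has_never_direct_allow:
        findings.append(
            "parent " + ", ".join(parents) + " set but no 'never_direct allow' rule: "
            "Squid may still try to connect directly (e.g. CONNECT for https)"
        )
    return findings


if __name__ == "__main__":
    print(lint_forwarding(QUOTED_CONF))
    print(lint_forwarding(QUOTED_CONF + "never_direct allow all\n"))
```

On the egress firewall, the symptom of the first case is the one described in the quoted message: denied outbound connections from the Squid host itself rather than traffic to the parent on port 8080.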
