[squid-users] Configuring Squid to run with Elster Client from Michael Ehlers on 2003-06-25 (squid-users)

From: Michael Ehlers <mehlers@dont-contact.us>
Date: Wed, 25 Jun 2003 14:07:42 +0200

Hi,

for using the Elster Windows Client (www.elster.de) this needs spezial
requirements. The internal running Port 3128
works fine for internet browsing. But Elster needs spezial Entries we have
implemented in /etc/squid.conf
but not working.

Elster needs for the local Network the following Ports:

1024 --> Gateway to 62.157.211.58 Port 8000
1025 --> Gateway to 62.157.211.59 Port 8000
1026 --> Gateway to 194.112.100.70 Port 8000
1027 --> Gateway to 193.109.238.26 Port 8000
1029 --> Gateway to 193.109.238.27 Port 8000

*The IP-Adresses are spezial Servers of Elster

We have this Gateway functionality testet in JanaProxy (Konfiguration
Example: http://www.voks.de/Programminfos/Konfiguration_AVMKEN_Jana.pdf)
and this works from the same Server in Windows VMWare Session. The Host
System ist SuSE Linux 8.0. In the future all German companies
would work with Elster and if they are using Squid Proxy this should work.

#
## squid.conf
#
http_port 192.x.x.x:3128
http_port 192.x.x.x:1024
http_port 192.x.x.x:1025
http_port 192.x.x.x:1026
http_port 192.x.x.x:1027
http_port 192.x.x.x:1028
http_port 192.x.x.x:1029

We have not found where to configure "Gateway" functions. So we do that in
cache_peer

#
## cache_peer
#
cache_peer 62.157.211.58 parent 1024 8000
cache_peer 62.157.211.59 parent 1025 8000
cache_peer 194.112.100.70 parent 1026 8000
cache_peer 193.109.238.26 parent 1027 8000
cache_peer 193.109.238.27 parent 1028 8000

#
## acl (works for internet browsing)
#
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 280 488 591 777 1025-65535
acl CONNECT method CONNECT
acl allowed_hosts src 192.x.x.0/255.255.255.0

# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
http_access allow localhost

# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports

http_access allow allowed_hosts
http_access deny all

Can anyone help us?

Regards

i.A. Michael Ehlers
adata Software GmbH

--------------------------------------

Telefon : 04231/804-0
Telefax : 04231/804-400

Lohn & Gehalt : 0190/884331
Fibu / Kost / Anla : 0190/884332
Auf / Av / B+E / List : 0190/884333
Bde / Pze : 0190/884334
Systemsupport : 0190/884335

Telefax Lohnhotline : 04231/804-401

--------------------------------------

adata Software GmbH
Windmühlenstrasse 15
27283 Verden

http://www.adata.de
--------------------------------------
Received on Wed Jun 25 2003 - 06:08:01 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:38 MST