[squid-users] Re: VirusWall and Squid ACL

Hi Herman,

Herman (ISTD) wrote:
> I have installed Interscan Viruswall and Squid on the same box. It
> worked perfectly though in Trial version, automatic virus pattern update
> cannot work. My squid is running on 3128 port, and my Interscan is
> running on 80 port. Just redirect squid request to Interscan using
> cache_peer 127.0.0.1 parent 80 7 default no-query. Make sure httpd is
> not running on port 80.

I addeded

cache_peer 127.0.0.1 parent 80 7 default no-query

to /etc/squid/squid.conf and specify VirusWall to use

Original HTTP server location:
       Other (server and port): 127.0.0.1 80

but I'm seeing the following error in /var/log/squid/cache.log

2004/05/05 15:51:41| Detected REVIVED Parent: 127.0.0.1/80/7
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| Detected DEAD Parent: 127.0.0.1/80/7

My /etc/squid/squid.conf is as follows. May I ask what am I doing wrong?

Regards,
Norman

cache_mgr web.master@arkonnetworks.com
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 16 MB
cache_dir ufs /var/spool/squid 200 16 256
cache_peer 127.0.0.1 parent 80 7 default no-query
ftp_user squid@test.com
auth_param ntlm program /usr/lib/squid/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group

acl ProxyUsers external NT_global_group ProxyUsers
acl authusrs proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl webmin port 10000 20000 # webmin, usermin
acl CONNECT method CONNECT
acl localnet dst 192.168.11.0/26 192.168.22.0/25
acl arkonweb dst 207.34.136.4 207.34.136.5 207.34.136.7
acl pdfgrab browser WebCapture
acl realplay browser RealMedia
acl ssread browser SSDOWNLOAD
acl ssread browser SSREADER

http_access allow manager localhost
http_access deny manager
http_access allow CONNECT webmin
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow arkonweb
http_access allow pdfgrab
http_access allow realplay
http_access allow ssread
http_access allow authusrs ProxyUsers
http_access allow localhost
http_access deny all

icp_access allow all

>>-----Original Message-----
>>From: Norman Zhang [mailto:norman.zhang@rd.arkonnetworks.com]
>>Sent: Tuesday, May 04, 2004 9:11 AM
>>To: squid-users@squid-cache.org
>>Subject: [squid-users] VirusWall and Squid ACL
>>
>>TrendMicro recommends that I need to setup 2 Squid Proxies with
>>VirusWall in order for it to work with Squid's ACL mechanism
>>(http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionID=8496).
>>Client ---> Proxy#1 (Squid) ---> InterScan VirusWall ---> Proxy#2 --->
>>Internet
>>
>>But searching the archives, it looks like users are able to use
>>VirusWall with just 1 Squid Proxy Server on the same box. May I ask
>>what's which setup should I go for? I'm using squid-2.5.STABLE2-2mdk
>>and Interscan VirusWall 3.81.
Received on Wed May 05 2004 - 17:05:04 MDT