Jan,
Jan Groenewald wrote:
> I have an Ubuntu Feisty box running squid:
> ii squid 2.6.5-4ubuntu2 Internet Object Cache (WWW proxy cache)
>
> And I get these non-SSL ports denied as SSL ports:
>
> <snip>
> 2007/06/10 22:07:37| aclCheck: checking 'http_access deny CONNECT
> !SSL_ports'
> 2007/06/10 22:07:37| aclMatchAclList: checking CONNECT
> 2007/06/10 22:07:37| aclMatchAcl: checking 'acl CONNECT method CONNECT'
> 2007/06/10 22:07:37| aclMatchAclList: checking !SSL_ports
> 2007/06/10 22:07:37| aclMatchAcl: checking 'acl SSL_ports port 443 563
> # https, snews'
> 2007/06/10 22:07:37| aclMatchAclList: returning 1
> 2007/06/10 22:07:37| aclCheck: match found, returning 0
> 2007/06/10 22:07:37| cbdataUnlock: 0x82adec0
> 2007/06/10 22:07:37| aclCheckCallback: answer=0
> 2007/06/10 22:07:37| cbdataValid: 0x85e0b50
> 2007/06/10 22:07:37| The request CONNECT 209.204.61.7:4000 is DENIED,
> because it matched 'SSL_ports'
> 2007/06/10 22:07:37| Access Denied: 209.204.61.7:4000
> 2007/06/10 22:07:37| AclMatchedName = SSL_ports
> 2007/06/10 22:07:37| Proxy Auth Message = <null>
> 2007/06/10 22:07:37| storeCreateEntry: '209.204.61.7:4000'
> 2007/06/10 22:07:37| new_MemObject: returning 0x8ce8a68
> </snip>
>
> Other ports are in the range 1025-6000 and are getting the same problem.
> My squid.conf below. Any tips appreciated.
Although you have 1024-6000 listed in safe_ports, that will only allow
access for http. You are attempting to use https so you will also need
to list it in ssl_ports.
HTH,
Neil.
-- Neil Hillard neil.hillard@agustawestland.com AgustaWestland http://www.whl.co.uk/ Disclaimer: This message does not necessarily reflect the views of Westland Helicopters Ltd.Received on Mon Jun 11 2007 - 06:13:20 MDT
This archive was generated by hypermail pre-2.1.9 : Sun Jul 01 2007 - 12:00:04 MDT