Re: [squid-users] Problem to enter a site. from Amos Jeffries on 2008-08-01 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 01 Aug 2008 18:41:26 +1200

Michael Fernández M wrote:
> Hi,
>
> I have squid server working and i cannot enter to a site with a form:
> the thing is when i complete the form and press submit nothing
> happend...
>
> The logs show this (after press submit):
>
>
> 1217433307.700 62 x.x.x.x TCP_MISS/200 4431 POST
> http://www.safp.cl/inf_afiliados/infoAfiliacion/consafi.php? -
> DIRECT/163.247.55.137 text/html
>
> 1217433307.802 53 x.x.x.x TCP_MISS/200 3099 GET
> http://www.safp.cl/redirect/javascript/functions.js -
> DIRECT/163.247.55.137 text/html

That log shows a successful transfer. I think the problem is with what
should be happening after those lines.

Amos

>
>
> If i try without proxy it works...
>
> The version of squid is: 2.5.9-10sarge5
>
> The configuration is:
>
>
> http_port 3128
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
> hosts_file /etc/hosts
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
> cache_mem 32 MB
> cache_dir ufs /var/spool/squid 10000 16 256
> cache_access_log /var/log/squid/access.log
> cache_log /var/log/squid/cache.log
> cache_store_log /var/log/squid/store.log
> ftp_user Squid@
> ftp_passive on
> error_directory /usr/share/squid/errors/Spanish
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl lan src 172.17.0.0/255.255.0.0
>
> acl servidores-locales dst 172.17.0.0/255.255.0.0
> acl SSL_ports port 443 563 10000
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
>
> acl purge method PURGE
> acl CONNECT method CONNECT
>
> acl servidor_boton src 172.17.40.37
>
> auth_param ntlm program /usr/bin/ntlm_auth
> --helper-protocol=squid-2.5-ntlmssp
> auth_param ntlm children 30
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
>
>
> ###Acceso a sitios comunes
> acl srv_citrix src 172.17.40.25/32
> acl accesos_comunes dstdomain "/etc/squid/conf/accesos_comunes"
> acl ips_safp dst "/etc/squid/conf/ips_allow_safp"
>
> ##Activex microsoft
> acl sitios_microsoft dstdomain "/etc/squid/conf/sitios_microsoft"
> #########
>
>
> acl redirect_java urlpath_regex /javascript/functions.js
>
> acl sitios_ip dst 192.168.246.150/32
> acl bajo proxy_auth "/etc/squid/conf/bajo/usuarios.conf"
> acl sitios_bajo dstdomain "/etc/squid/conf/bajo/sitios.conf"
> acl ips_bajo dst "/etc/squid/conf/bajo/ips_permitidas.conf"
>
> acl medio proxy_auth "/etc/squid/conf/medio/usuarios.conf"
> acl sitios_medio dstdomain "/etc/squid/conf/medio/sitios.conf"
> acl ips_medio dst "/etc/squid/conf/medio/ips_permitidas.conf"
>
> acl alto proxy_auth "/etc/squid/conf/alto/usuarios.conf"
> acl sitios_alto dstdomain "/etc/squid/conf/alto/sitios.conf"
> acl ips_alto dst "/etc/squid/conf/medio/ips_permitidas.conf"
>
> acl webservice dst
> "/etc/squid/conf/direcciones_ip_de_servidores_webservice.conf"
>
>
> http_access allow servidor_boton
> http_access allow webservice
> http_access allow redirect_java
> http_access allow ips_safp
> http_access allow accesos_comunes
>
> http_access allow manager localhost
> http_access deny manager
>
> http_access deny !Safe_ports
> http_access allow CONNECT SSL_ports
>
> http_access allow localhost
> http_access allow lan servidores-locales
> http_access allow lan sitios_microsoft
> http_access allow sitios_ip
> http_access allow bajo sitios_bajo
> http_access allow bajo ips_bajo
> http_access allow medio sitios_medio
> http_access allow medio ips_medio
> http_access allow alto sitios_alto
> http_access allow alto ips_alto
>
> http_access allow purge localhost
> http_access deny purge
>
> http_access allow localhost
> http_access allow lan
>
>
> http_reply_access allow all
>
> icp_access allow all
>
> http_access deny all
>
> The strange thing is i have other squid server (the same version) and
> with this server the forms works..... and the configuration is very
> similar only change some auth acl's
>
> Somebody have any idea?
>
> Thanks!!!!
>
> Michael
>
>

-- 
Please use Squid 2.7.STABLE3 or 3.0.STABLE8

Received on Fri Aug 01 2008 - 06:42:13 MDT

This archive was generated by hypermail 2.2.0 : Fri Aug 01 2008 - 12:00:05 MDT