Re: [squid-users] i need a little help

Please try to reply to the list,

acl lan src 82.77.50.206/255.0.0.0 192.168.3.0/24

Are you sure of this?
That's a very large lan, and 82.77.50.206/255.0.0.0 is a public range of
IP......

badisp and badisp2 are addresses already declared in lan, so your deny
acl will never match. Don't forget that acls are applied from top to
bottom until one matches (when a match is done none of the following
acls will be checked)

this is useless in your actual config :
> acl badisp src 192.168.3.254
> http_acces deny badisp
> acl badisp2 src 192.168.3.38
> http_acces deny badisp2

concerning routing table, it depends on your operating system

running linux / unix,
you should look at "/sbin/route -n"
"man route" will help you for the usage of this command (adding revoving
etc...)

running windows

"route print" to watch your routing table
"route help" will help you

rolah_at_hyperpic.ro a écrit :
> Thank's for reply!
>
> The config file is the default with little changes:
>
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.0/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> acl lan src 82.77.50.206/255.0.0.0 192.168.3.0/24
> http_access allow lan
> acl badisp src 192.168.3.254
> http_acces deny badisp
> acl badisp2 src 192.168.3.38
> http_acces deny badisp2
> acl MYLAN src 192.168.3.1-192.168.3.253/255.255.255.0
>
>
> How i can config the server routing table? the most important for me, the
> users connected with proxy i want to use the link1 for internet access
> (82.77.50.206) not the instant lan acces...
>
> Any idea?
>
>
> Robert
>
>
>> Hi
>>
>> without any parts of config file it would be difficult to help you
>>
>> but if I understand correctly what you explained, the problem is not in
>> squid config, but in you're squid server routing table.
>>
>> If your squid server uses your Internet gateway (2) instead of (1) it's
>> probably because your routing table is telling that to access the net
>> you have to go through gateway (2)
>>
>> hope my english is correct :D
>>
>>
>> rolah_at_hyperpic.ro a écrit :
>>> Hi!
>>>
>>> I want to use SQUID in proxy mode for administration of internet access.
>>> I installed SQUID 2.7 on Win 2003 server.
>>> I have 2 internet connections:
>>> 1. LAN connected to isp with static IP:
>>> 82.77.50.206/255.0.0.0 and
>>>
>>> 2. LAN connected to local area network with instant internet acces.
>>> The local ip is 192.196.3.38 gateway 192.168.3.254
>>>
>>> I want to use the proxy server to limit the users internet acces, to be
>>> accessible only on 1 LAN accessible ISP.
>>>
>>> How i can do this? I tried to modify the config.conf file, i putted the
>>> proxy server setting in the browser connections tab, but my browser show
>>> me the acces on 2. ISP, not on 1.
>>>
>>> Thank's for help
>>> and sorry for my bad english.
>>>
>>> Robert
>>>
>>>
>>> --
>>> Ce courrier électronique a été vérifié et est exempt de virus connus à
>>> ce jour.
>>> Contactez votre administrateur pour plus de renseignement.
>>> postmaster_at_ch-chaumont.fr
>>
>> --
>> Ce courrier ÿlectronique a ÿtÿ vÿrifiÿ et est exempt de virus connus ÿ ce
>> jour.
>> Contactez votre administrateur pour plus de renseignement.
>> postmaster_at_ch-chaumont.fr
>>
>>
>
>
> --
> Ce courrier électronique a été vérifié et est exempt de virus connus à ce jour.
> Contactez votre administrateur pour plus de renseignement.
> postmaster_at_ch-chaumont.fr

-- Ce courrier ÿlectronique a ÿtÿ vÿrifiÿ et est exempt de virus connus ÿ ce jour. Contactez votre administrateur pour plus de renseignement. postmaster_at_ch-chaumont.fr