[squid-users] URGENT -- Suddenly Cant open Facebook

From: Jorge Perez <jorge.perez_at_via.cl>
Date: Thu, 22 Jul 2010 12:47:57 -0400 (CLT)

Hello, today we suddenly can't open Facebook, and we need it urgently for work.

There is no DNS issue; all I get is a blank page and nothing happens. Everything was OK before...

Any ideas??

Here is access.log

1279813884.035 144 192.168.169.238 TCP_MISS/200 1704 GET http://static.ak.fbcdn.net/rsrc.php/zANMV/hash/9hba0udp.css - DIRECT/65.216.161.59 text/css
1279813885.265 2175 192.168.169.238 TCP_MISS/200 793 GET http://www.facebook.com/? - DIRECT/66.220.147.11 text/html
1279813887.957 5110 192.168.169.238 TCP_MISS/404 11091 GET http://www.facebook.com/t - DIRECT/66.220.147.11 text/html
1279813888.020 1558 192.168.169.238 TCP_MISS/200 453 GET http://www.facebook.com/? - DIRECT/66.220.147.11 text/html
1279813893.897 9622 192.168.169.238 TCP_MISS/200 688 GET http://search.twitter.com/search.json? - DIRECT/128.242.245.43 application/json

iptables proxy rules:

# Firewall reset script: clears all rules, sets every policy to ACCEPT, then
# configures NAT and transparent-proxy interception for the 192.168.169.0/24 LAN.
echo "Aplicando reglas iptables..."
# Flush rules (-F), delete user-defined chains (-X) and zero the counters (-Z),
# first in the nat table, then in the default (filter) table.
iptables -t nat -F
iptables -t nat -X
iptables -t nat -Z
iptables -F
iptables -X
iptables -Z
##
# Default policy is ACCEPT on every chain. No rule below uses DROP or REJECT,
# so this script filters nothing: it only performs NAT and redirection.
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
##
# Masquerade (source-NAT) LAN traffic that leaves through eth2.
iptables -t nat -A POSTROUTING -s 192.168.169.0/24 -o eth2 -j MASQUERADE
# Redirect LAN HTTP (tcp/80) headed outside the LAN to local port 3128, the
# port used by the squid http_port line in the same message.
# Only port 80 is intercepted. tcp/443 is forwarded and NATed directly, so
# HTTPS requests reach the proxy ACLs only if the client is explicitly
# configured to use the proxy.
# NOTE(review): `-d ! net` is the older placement of the negation; current
# iptables releases expect `! -d net`. Confirm against the installed version.
iptables -t nat -A PREROUTING -s 192.168.169.0/24 -d ! 192.168.169.0/24 -p tcp --dport 80 -j REDIRECT --to-port 3128
##
# Per-port ACCEPT rules for forwarded traffic (IMAPS, POP3, SMTPS, SMTP, HTTP,
# HTTPS, DNS over tcp/udp). Because the FORWARD policy is already ACCEPT, these
# rules do not restrict anything; they would only matter under a DROP policy.
# NOTE(review): the rules match `-i eth2` (packets arriving on eth2), while the
# MASQUERADE rule treats eth2 as the outgoing interface. Traffic from the LAN
# presumably arrives on a different interface; verify which one is intended.
iptables -A FORWARD -s 192.168.169.0/24 -i eth2 -p tcp --dport 993 -j ACCEPT
iptables -A FORWARD -s 192.168.169.0/24 -i eth2 -p tcp --dport 110 -j ACCEPT
iptables -A FORWARD -s 192.168.169.0/24 -i eth2 -p tcp --dport 465 -j ACCEPT
iptables -A FORWARD -s 192.168.169.0/24 -i eth2 -p tcp --dport 25 -j ACCEPT
iptables -A FORWARD -s 192.168.169.0/24 -i eth2 -p tcp --dport 80 -j ACCEPT
iptables -A FORWARD -s 192.168.169.0/24 -i eth2 -p tcp --dport 443 -j ACCEPT
iptables -A FORWARD -s 192.168.169.0/24 -i eth2 -p tcp --dport 53 -j ACCEPT
iptables -A FORWARD -s 192.168.169.0/24 -i eth2 -p udp --dport 53 -j ACCEPT
# NOTE(review): the source network here is 192.168.2.0/24, unlike every other
# rule in the script (192.168.169.0/24). Confirm this is intended.
iptables -A FORWARD -s 192.168.2.0/24 -i eth2 -p tcp --dport 1863 -j ACCEPT
##
# Turn on IPv4 packet forwarding in the kernel.
echo 1 > /proc/sys/net/ipv4/ip_forward

squid.conf

# Listener, cache and base ACL definitions.
# Listen on the LAN address in interception ("transparent") mode; the firewall
# REDIRECT rule delivers port-80 traffic to this port.
http_port 192.168.169.3:3128 transparent
# On-disk cache: ufs store, 250 MB, 16 first-level and 256 second-level directories.
cache_dir ufs /usr/local/squid/var/cache 250 16 256
# User and group the squid process runs as.
cache_effective_user squid
cache_effective_group squid
# Request log in the native "squid" format (the format of the access.log excerpt in this message).
access_log /usr/local/squid/var/logs/access.log squid
################################
# Source-address ACLs: the LAN, the proxy host itself, and everything.
acl localnet src 192.168.169.0/255.255.255.0
acl localhost src 127.0.0.1/255.255.255.255
acl all src 0.0.0.0/0.0.0.0
###########################
# Destination-port ACLs. SSL_ports lists ports that CONNECT tunnels may target,
# Safe_ports the ports plain requests may target. Neither takes effect unless an
# http_access rule that uses it can actually be reached.
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
# Matches requests that use the CONNECT method (tunnelling).
acl CONNECT method CONNECT
#### BLOCKED SITES #####
# Per-range site blocking. Each section defines a client address range and a
# destination-domain list, and denies the combination with a redirect to the
# deny_info URL. These deny rules come before the general allow rules, so they
# are evaluated first.
# Clients .1-.129: blocked from the listed domains, including .facebook.com and .twitter.com.
acl restobb src 192.168.169.1-192.168.169.129
# NOTE(review): this line ends in `$`, which looks like an editor truncating a
# longer line when it was pasted; the full domain list is not visible here.
acl sucky_urls dstdomain .facebook.com .twitter.com .doubleclick.com .fotolog.com .warez-bb.org .fotolog.cl .chilewarez.org .rapidshare.com .megaupload.com .rapidshare.de .medi$
deny_info http://www.trabajoweb.cl/error.html sucky_urls
http_access deny restobb sucky_urls
######################## NO DOWNLOADS #####
# Clients .1-.29: denied URLs whose path ends in one of the listed file
# extensions (case-insensitive, optional query string allowed after it).
# The match is on the URL text only, not on the content actually served, so it
# does not cover files offered under other names.
acl resto src 192.168.169.1-192.168.169.29/32
acl descargas_negadas urlpath_regex -i \.(exe|vqf|gz|zip|r[ap][rwm]|avi|mpe?g?3?|qt|ra?m|iso|wav|mov|torrent)(\?.*)?$
deny_info http://www.trabajoweb.cl/error.html descargas_negadas
http_access deny resto descargas_negadas
######################## SITES - PROJECTS ###############
# Clients .130-.149: blocked from the sucky_urls2 domains (line truncated with `$` as above).
acl restobb2 src 192.168.169.130-192.168.169.149
acl sucky_urls2 dstdomain .doubleclick.com .warez-bb.org .fotolog.cl .chilewarez.org .rapidshare.com .megaupload.com .rapidshare.de .mediafire.com .depositfiles.com .taringa.co$
deny_info http://www.trabajoweb.cl/error.html sucky_urls2
http_access deny restobb2 sucky_urls2
########################
######################## SITES - ESTUDIO (study/studio) ###############
# Clients .190-.219.
acl restobb3 src 192.168.169.190-192.168.169.219
acl sucky_urls3 dstdomain .doubleclick.com .warez-bb.org .fotolog.cl .chilewarez.org .rapidshare.com .megaupload.com .rapidshare.de .mediafire.com .depositfiles.com .taringa.co$
# NOTE(review): the next two lines reference sucky_urls2, not sucky_urls3, so
# sucky_urls3 is defined but never used in the visible config. This looks like
# a copy/paste slip; it is harmless only while both lists are identical.
deny_info http://www.trabajoweb.cl/error.html sucky_urls2
http_access deny restobb3 sucky_urls2
########################
########################
# General access rules. http_access lines are evaluated top-down and the first
# matching line decides the request.
# NOTE(review): `deny all` matches every request, so the two lines after it
# (`deny !Safe_ports`, `deny CONNECT !SSL_ports`) can never be reached. LAN
# clients are already accepted by `allow localnet` above them, so as written
# they are not restricted to Safe_ports, and CONNECT is not restricted to
# SSL_ports. Squid's stock configuration places both deny lines before the
# allow rules.
http_access allow localnet
http_access allow localhost
http_access deny all
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
##############################
# Replies are passed only to LAN clients; everything else is denied.
http_reply_access allow localnet
http_reply_access deny all
# FTP-protocol requests always go directly to the origin server.
acl FTP proto FTP
always_direct allow FTP
#############################
# DOWNLOAD RULES
# Bandwidth throttling with delay pools. Four client ranges are defined, plus a
# URL-suffix ACL for download-type files (same pattern as descargas_negadas,
# without `torrent`).
acl normales src 192.168.169.30-192.168.169.129/32
acl tecnicos src 192.168.169.130-192.168.169.149/32
acl administrador src 192.168.169.150-192.168.169.189/32
acl estudio src 192.168.169.190-192.168.169.219/32
acl descargas urlpath_regex -i \.(exe|vqf|gz|zip|r[ap][rwm]|avi|mpe?g?3?|qt|ra?m|iso|wav|mov)(\?.*)?$

# Four pools, all class 1 (one aggregate bucket shared by every client in the pool).
# delay_parameters values are restore-rate/bucket-size, in bytes per second and bytes.
# NOTE(review): a class 1 pool takes a single restore/max pair; each line below
# gives two. Check how the running Squid version treats the extra pair.
delay_pools 4
####
# Pool 1: `normales` downloading matching files, 10240 B/s restore, 10485760 B bucket.
delay_class 1 1
delay_parameters 1 10240/10485760 10240/10485760
delay_access 1 allow normales descargas
delay_access 1 deny all
###
###
# Pool 2: `tecnicos` downloading matching files, 30720 B/s restore, 104857600 B bucket.
delay_class 2 1
delay_parameters 2 30720/104857600 30720/104857600
delay_access 2 allow tecnicos descargas
delay_access 2 deny all
####
# Pool 3: `administrador` downloading matching files, same limits as pool 2.
delay_class 3 1
delay_parameters 3 30720/104857600 30720/104857600
delay_access 3 allow administrador descargas
delay_access 3 deny all
###
# Pool 4: all traffic from `estudio` (no file-type condition), 10240 B/s with a 10240 B bucket.
delay_class 4 1
delay_parameters 4 10240/10240 10240/10240
delay_access 4 allow estudio
delay_access 4 deny all

-- 
Atte
Jorge Perez V.
Departamento de informática
Anexo: 359
Received on Thu Jul 22 2010 - 15:55:51 MDT
