Re: [squid-users] Problems with hotmail and facebook - rev

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 16 Nov 2010 02:49:49 +1300

On 16/11/10 02:03, Landy Landy wrote:
>
> --- On Sun, 11/14/10, Amos Jeffries wrote:
>
>> From: Amos Jeffries
<snip>
>> Landy Landy wrote:
>>> Error de lectura
>>> El sistema ha devuelto el siguiente mensaje:
>>>
>>> (104) Connection reset by
>> peer
>>> Ha ocurrido algún problema mientras se leían datos
>> de la red. Por favor,
>>> inténtelo de nuevo.
>>
>> This is a different error to the one earlier. The hotmail
>> server(s) are
>> blocking/rejecting your access.
>>
>> I think this particular one is due to their HTTPS
>> authentication checking
>> IPs. The workaround to that is tproxy or not proxying for
>> hotmail.
>>
>> Amos
>>
>
> So, I should not cache/proxy hotmail, yahoo, and facebook.
>
> Is this how?
>
> acl someserver dstdomain .live.com .yahoo.com .facebook
> cache deny someserver
>
> is that correct?
>

No. It has to be done in your NAT rules so the requests to hotmail.com
and live.com never get into Squid.

The other way which apparently works is TPROXY.
  http://wiki.squid-cache.org/Features/Tproxy4
This makes Squid use the same IP on the http:// requests that the client
used on its other https:// requests.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.9
   Beta testers wanted for 3.2.0.3
Received on Mon Nov 15 2010 - 13:49:53 MST

This archive was generated by hypermail 2.2.0 : Mon Nov 15 2010 - 12:00:02 MST