[squid-users] SECURITY ALERT: Squid Cache: Version 3.2.0.13

From: David Touzeau <david_at_touzeau.eu>
Date: Tue, 29 Nov 2011 22:48:39 +0100

Dear

I'm trying to run Squid Cache: Version 3.2.0.13-20111127-r11436 in
transparent mode

But Squid refuses access to some websites:
for example google.* works,

but microsoft is impossible to reach.

How can I fix this issue?

Logged events:

Nov 29 22:18:57 squid2 squid[11257]: SECURITY ALERT: By user agent:
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0;
InfoPath.2; MS-RTC LM 8; .NET CLR 2.0.50727; .NET CLR
3.0.4506.2152; .NET CLR 3.5.30729)
Nov 29 22:18:57 squid2 squid[11257]: SECURITY ALERT: on URL:
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Nov 29 22:18:59 squid2 squid[11257]: SECURITY ALERT: By user agent:
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0;
InfoPath.2; MS-RTC LM 8; .NET CLR 2.0.50727; .NET CLR
3.0.4506.2152; .NET CLR 3.5.30729)
Nov 29 22:18:59 squid2 squid[11257]: SECURITY ALERT: on URL:
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

iptables rules:
# nat table. The ACCEPT for 192.168.1.223 ends nat processing for that host,
# so its port-80 traffic is not redirected (presumably a host deliberately
# excluded from the proxy -- confirm).
-A PREROUTING -s 192.168.1.223/32 -p tcp -m tcp --dport 80 -j ACCEPT
# Every other TCP/80 packet arriving on the box is handed to Squid's
# intercept port 3128 (the 'http_port 3128 intercept' line in squid.conf).
# NOTE(review): there is no '-i' or '-s' restriction, so port-80 traffic
# arriving on any interface is redirected; if the machine has more than one
# interface, limit this to the LAN side.
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
# Source NAT for traffic forwarded by this box.
-A POSTROUTING -j MASQUERADE

Here is my squid.conf:

# IS 3.2 YES
# IS 3.1 YES
# Review notes are prefixed NOTE(review); the directives themselves are unchanged.
acl localhost src 127.0.0.1/32
# Requests whose destination is the loopback range; denied below so clients
# cannot reach services bound to 127.x on the proxy host through the proxy.
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
memory_pools off
quick_abort_min 0 KB
quick_abort_max 0 KB
log_icp_queries off
client_db off
buffered_logs on
half_closed_clients off

#--------- squidGuard

#Disabled enable_squidguard=
#--------- SQUID PARENTS (feature not enabled)

#--------- acls
# Regex deny-list loaded from an external file; enforced by
# 'http_access deny blockedsites' in the rules section.
acl blockedsites url_regex "/etc/squid3/squid-block.acl"
acl CONNECT method CONNECT
acl purge method PURGE
acl FTP proto FTP

# NOTE(review): 'src all' matches every client address. Combined with
# 'http_access allow office_network' below, any host that can reach the
# plain (non-intercept) port 3129 gets full proxy access. If that port is
# reachable from outside the LAN this is an open proxy -- narrow it to the
# local address range(s).
acl office_network src all

#--------- MAIN RULES...
always_direct allow FTP
# --------- SAFE ports
acl Safe_ports port 80 #http
# NOTE(review): ssh is not an HTTP port; presumably intentional, confirm.
acl Safe_ports port 22 #ssh
acl Safe_ports port 443 563 #https, snews
acl Safe_ports port 1863 #msn
acl Safe_ports port 70 #gopher
acl Safe_ports port 210 #wais
# NOTE(review): this admits every unprivileged port, so the
# 'http_access deny !Safe_ports' rule below only blocks ports 1-1024 that
# are not listed here.
acl Safe_ports port 1025-65535 #unregistered ports
acl Safe_ports port 280 #http-mgmt
acl Safe_ports port 488 #gss-http
acl Safe_ports port 591 #filemaker
acl Safe_ports port 777 #multiling http
acl Safe_ports port 631 #cups
acl Safe_ports port 873 #rsync
acl Safe_ports port 901 #SWAT
acl Safe_ports port 20 #ftp-data
acl Safe_ports port 21 #ftp
# --------- Use x-forwarded-for for local Dansguardian or load balancers
# X-Forwarded-For is only honoured for requests coming from localhost, so
# remote clients cannot spoof their logged address through it.
log_uses_indirect_client on
follow_x_forwarded_for allow localhost
# Ports that CONNECT tunnels may be opened to.
acl SSL_ports port 9000 #Artica
acl SSL_ports port 443 #HTTPS
acl SSL_ports port 563 #https, snews
acl SSL_ports port 6667 #tchat

# --------- RULES DEFINITIONS
# http_access is evaluated top-down; the first matching line decides.
http_access deny to_localhost
# No url_rewrite_program appears in this file (squidGuard is disabled above),
# so these two lines only take effect once a rewriter is configured.
url_rewrite_access deny localhost
url_rewrite_access allow all
http_access deny !Safe_ports
# CONNECT is restricted to the SSL_ports list.
http_access deny CONNECT !SSL_ports
http_access allow localhost
# NOTE(review): 'manager' is not defined in this file -- presumably the ACL
# that 3.2 provides built-in; confirm.
http_access allow manager localhost
http_access allow purge localhost
http_access deny purge
http_access deny blockedsites
# See the note on office_network above: this line is effectively 'allow all'.
http_access allow office_network
http_access deny all

# --------- ident_lookup_access
hierarchy_stoplist cgi-bin ?

# --------- General settings
visible_hostname proxyweb

# --------- time-out
dead_peer_timeout 10 seconds
dns_timeout 2 minutes
# NOTE(review): ~27 minutes is an unusually long connect timeout; a
# non-responding origin keeps the client waiting for that long.
connect_timeout 1600 seconds
persistent_request_timeout 3 minutes
pconn_timeout 1600 seconds

maximum_object_size 300 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 1024 KB

#http/https ports
# Receives the TCP/80 traffic REDIRECTed by the iptables rule.
# NOTE(review): the 'SECURITY ALERT' lines quoted in the report are logged
# for requests arriving on this intercept port. Squid 3.2 checks an
# intercepted request's Host header against the connection's original
# destination (Host header forgery detection) and raises that alert when
# they disagree -- presumably what happens for www.microsoft.com here; the
# cache.log lines immediately before the quoted ones should state the reason.
http_port 3128 intercept
# Plain forward-proxy port, usable by anything that matches office_network
# (currently: everything).
http_port 3129

# --------- SSL Rules

# --------- Caches
cache_effective_user squid
cache_effective_group squid
#cache_replacement_policy heap LFUDA
cache_mem 8 MB
# NOTE(review): cache_swap_low (95) is greater than cache_swap_high (90);
# the low-water mark is normally the smaller value -- looks inverted, confirm.
cache_swap_high 90
cache_swap_low 95
# --------- DNS and ip caches
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024

# --------- SPECIFIC DNS SERVERS

#--------- FTP specific parameters
ftp_passive on
ftp_sanitycheck off
ftp_epsv off
ftp_epsv_all off
ftp_telnet_protocol off

debug_options ALL,1
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
# NOTE(review): refresh_pattern uses the first matching rule, so this line
# is shadowed by the '.' catch-all above it. '/cg-bin/' also looks like a
# typo for '/cgi-bin/' (compare hierarchy_stoplist above).
refresh_pattern -i (/cg-bin/|\?) 0 0% 0

#Logs-------------------------------------------------
coredump_dir /var/squid/cache
cache_log /var/log/squid/cache.log
pid_filename /var/run/squid.pid
error_directory /usr/share/squid-langpack/en
# NOTE(review): the logformat directive below appears on two lines here,
# most likely mail wrapping -- confirm it is a single line in the real file.
logformat common MAC:%>eui %>a %[ui %[un [%tl] "%rm %ru HTTP/%rv" %>Hs
%<st %Ss:%Sh
cache_store_log stdio:/var/log/squid/store.log
access_log syslog:authpriv.info common

# NOTE(review): with 'workers 2' the rock dirs are shared between workers,
# but the single ufs cache_dir is not SMP-aware in 3.2 and would be used by
# both workers at once -- confirm this is intended (one ufs dir per worker
# via ${process_number} is the usual arrangement).
workers 2
cache_dir rock /var/cache/RockStore-0 256 max-size=32768
cache_dir rock /var/cache/RockStore-1 256 max-size=32768
cache_dir ufs /var/cache/squid 2000 16 256
# --------- OTHER CACHES
Received on Tue Nov 29 2011 - 21:48:46 MST
