RE: [squid-users] Re: HTTPS site
This is a discussion on RE: [squid-users] Re: HTTPS site within the Squid Users forums, part of the Web Server and Related Forums category; Adam, first of all thanks for your replay... I try your suggestion but the problem persist. Bellow is acl extract ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-07-2004
|
|||
|
|||
RE: [squid-users] Re: HTTPS site
Adam, first of all thanks for your replay...
I try your suggestion but the problem persist. Bellow is acl extract of the squid.conf #Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl yahoo dstdomain .msg.yahoo.com acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 81 # http acl Safe_ports port 85 acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT always_direct allow yahoo acl localnet proxy_auth REQUIRED no_cache deny all http_access allow localhost http_access allow manager localhost #http_access deny manager # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access deny all never_direct allow all Cheers... -----Mensaje original----- De: Adam Aube [mailto:aaube01@baker.edu] Enviado el: Mi=E9rcoles, 07 de Abril de 2004 14:49 Para: squid-users@squid-cache.org Asunto: [squid-users] Re: HTTPS site Montervino, Mariano wrote: > I=B4m using squid Version 2.5.STABLE5 and Samba 3.0.2a in a windows = network. > If i configure IE to use "use http 1.1" plus "use http 1.1 through = proxy > connection" options i couldn=B4t access somes site using ssl. The = access.log > show that for thats sites the user doesn=B4t authenticate; but in = this > scenario yahoo messenger work fine. > If i configure IE to use only "use http 1.1" option all ssl site work > fine; but in this scenario yahoo messenger stop working. Below is a > extract of access.log I can understand your frustration - we had the same problem at a site I worked at. Never could figure out how to get Yahoo! messenger working, = but also didn't invest an enormous amount of time into it, as Yahoo! = messenger was personal use, not business-related. One thing you could try is specifically allowing .msg.yahoo.com (using = a dstdomain acl) before you require authentication. You would lose the tracking and access control the authentication provides, but that's = your call. I would also recommend complaining to Yahoo! about it, as they make the software. Adam 
|
Linear Mode
