Hi,
I wonder if anyone would be able to help me.
I'm running IpCop 1.4.18 with squid 2.6STABLE20.
I do not have any problem accessing any other web sites
through the transparent proxy but I've having trouble accessing
Google Earth. Through the proxy, the Google Earth servers cannot be
reached. If I access directly it works fine.
Based on what I found in the squid docs,
I've tried the following lines in squid.conf :-
acl ge dstdomain .google.com
always_direct allow ge
but this does not seem to have any affect.
I am a newbe when it comes to squid conf's so can anyone
tell me if there are any other magic entries that will
solve this problem ? How do i go about investigating the problem ?
Many thanks for any help,
Pete
My complete squid.conf is listed below :-
# Do not modify '/var/ipcop/proxy/squid.conf' directly since any changes
# you make will be overwritten whenever you resave proxy settings using the
# web interface!
#
# Instead, modify the file '/var/ipcop/proxy/advanced/acls/include.acl' and
# then restart the proxy service using the web interface. Changes made to the
# 'include.acl' file will propagate to the 'squid.conf' file at that time.
shutdown_lifetime 5 seconds
icp_port 0
http_port 192.168.1.3:800 transparent
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl no_cache_domains dstdomain "/var/ipcop/proxy/advanced/acls/dst_nocache.acl"
cache deny no_cache_domains
cache_effective_user squid
cache_effective_group squid
umask 022
pid_filename /var/run/squid.pid
cache_mem 2 MB
cache_dir aufs /var/log/cache 50 16 256
error_directory /usr/lib/squid/advproxy/errors.ipcop/English
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
useragent_log /var/log/squid/user_agent.log
strip_query_terms off
log_mime_hdrs off
forwarded_for off
via off
acl within_timeframe time MTWHFAS 00:00-24:00
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 563 # snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 800 # Squids port (for icons)
acl IPCop_http port 81
acl IPCop_https port 445
acl IPCop_ips dst 192.168.1.3
acl IPCop_networks src "/var/ipcop/proxy/advanced/acls/src_subnets.acl"
acl IPCop_servers dst "/var/ipcop/proxy/advanced/acls/src_subnets.acl"
acl IPCop_green_network src 192.168.1.0/255.255.255.0
acl IPCop_green_servers dst 192.168.1.0/255.255.255.0
acl CONNECT method CONNECT
#Start of custom includes
acl ge dstdomain .google.com
always_direct allow ge
#End of custom includes
#Access to squid:
#local machine, no restriction
http_access allow localhost
#GUI admin if local machine connects
http_access allow IPCop_ips IPCop_networks IPCop_http
http_access allow CONNECT IPCop_ips IPCop_networks IPCop_https
#Deny not web services
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#Set custom configured ACLs
http_access allow IPCop_networks within_timeframe
http_access deny all
#Strip HTTP Header
header_access X-Forwarded-For deny all
header_access Via deny all
maximum_object_size 8192 KB
minimum_object_size 0 KB
request_body_max_size 0 KB
reply_body_max_size 0 allow all
visible_hostname ipcop.localdomain
Received on Sun Jul 20 2008 - 20:07:03 MDT
This archive was generated by hypermail 2.2.0 : Thu Jul 24 2008 - 12:00:04 MDT