[squid-users] Help Regarding Squid

"Pankaj Agarwal" <pankaj@xxxxxxxxxxxx> · Sat, 26 Feb 2005 21:47:10 +0530

Hi,

I am facing a very strange problem with squid. Users in my LAN are not able
to connect to some of the HTTPS sites. On that particular sites it keeps on
asking for username and password.... but if I configure the client to direct
access ..then I gives the webpage and asks for user name and password in
html page...

Any input to resolve this problem is welcomed.... Kindly help

Thanks and Regards,

Pankaj Agarwal

Note: I'm enclosing my squid.conf and ipchains.conf below

####################################################################
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
####################################################################

# ipchains.conf

/sbin/ipchains -A forward -s 192.168.2.0/24 -j MASQ

# input chain:

/sbin/ipchains -P input ACCEPT

/sbin/ipchains -A input -p tcp -s 61.11.104.0/24  -d 127.0.0.1/32 80 -j 
ACCEPT

/sbin/ipchains -A input -p tcp -s 220.227.153.48/28  -d 127.0.0.1/32 80 -j 
ACCEPT

/sbin/ipchains -A input -p tcp -s 61.11.104.0/24  -d 61.11.104.63/32 80 -j 
ACCEPT

/sbin/ipchains -A input -p tcp -s 220.227.153.48/28 -d 220.227.153.61/32 
80 -j ACCEPT

/sbin/ipchains -A input -p tcp -s 61.11.104.0/24  -d 192.168.2.5/32 80 -j 
ACCEPT

/sbin/ipchains -A input -p tcp -s 192.168.2.0/24  -d 0.0.0.0/0 80 -j 
REDIRECT 3128

# output chain:
/sbin/ipchains -P output ACCEPT

# forward chain:
/sbin/ipchains -P forward ACCEPT
########################################################################
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
########################################################################

SQUID ACL

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

acl all src 0.0.0.0/0.0.0.0

acl SSL_Ports port 443 563

acl Safe_Ports port 80

acl Safe_Ports port 21

acl Safe_Ports port 443 563

acl CONNECT method CONNECT

acl special src "/home/users/admin/content_filter/specialip.txt"

acl lan src 192.168.2.0/255.255.255.0

acl blockcontent url_regex -i 
"/home/users/admin/content_filter/blockedword.txt"

acl denyfiletype url_regex -i "/home/users/admin/content_filter/fileext.txt"

http_access deny !Safe_Ports
http_access deny CONNECT !SSL_Ports
http_access allow special
http_access deny blockcontent
http_access deny denyfiletype
http_access allow lan
http_access deny all