In my squid.conf , i have : http_access allow all acl our_networks src 192.168.1.0/24 192.168.0.0/24 http_access allow our_networks acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 8383 # Webmail CFCC acl Safe_ports port 8443 # administration plesk chez amen acl CONNECT method CONNECT acl Safe_ports port 1025-65535 # unregistered ports -----Original Message----- From: Christoph Haas [mailto:email@xxxxxxxxxxxxxxxxx] Sent: mercredi 31 août 2005 15:42 To: squid-users@xxxxxxxxxxxxxxx Subject: Re: TCP MISS 503 On Wed, Aug 31, 2005 at 11:26:37AM +0300, David LE GOUPIL wrote: > I have a LAN connect to internet through a Firewall Iptable with squid ( > port 3128 for any protocols ) > > On my internet browser (workstation), I obtain this > > En essayant de charger l'URL : ftp://ftp.kernel.org/pub/ > L'erreur suivante a été rencontrée : > ? La connexion a échoué > Le système a retourné : > (13) Permission denied > > In my access.log, I have this message: > > 237 192.168.0.59 TCP_MISS/503 1564 GET ftp://ftp.kernel.org/pub/ - > NONE/- text/html > > I have the same message when I try to connect to ssl connection. > In my firewall's log I can not see any significant DROP. > > What the raison of a TCP_MISS/503 ? What do your ACLs and "http_access"es look like? Christoph -- ~ ~ ~ ".signature" [Modified] 3 lines --100%-- 3,41 All
