Search squid archive

Re[2]: Re[2]: https Webmin using port 12000 doesn't work anymore with Squid

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello Chris,

Wednesday, November 23, 2005, 9:59:54 PM, you wrote:


CR> The CONNECT method is only allowed to ports 443, 563 and 873
CR> (deny CONNECT, unless it's to a port listed in SSL_Ports).  If you add...

CR> acl SSL_Ports port 12000 # Webmin

CR> ...to your ACL list you would be set.  Even better would be to
CR> define your Webmin host, and allow it specifically.  Instead of adding the above, add...

CR> acl webmin_host dstdomain webmin.mynet.dom
CR> acl webmin_port port 12000
CR> http_access allow CONNECT webmin_host webmin_port
CR> http_access deny CONNECT !SSL_ports  # Existing line

CR> Chris

I tried what you suggested, it didn't work :(

Here are my ACLs :

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255 192.168.1.0/255.255.255.255
acl to_localhost dst 127.0.0.0/8 192.168.1.0/255.255.255.255

acl our_network src 192.168.1.0/25

acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl Safe_ports port 12000 #Webmin
acl webmin port 12000
acl SSL_ports port 12000 # voir ssl
acl purge method PURGE
acl CONNECT method CONNECT

And my HTTP_ACCESS :

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge

http_access allow webmin
http_access allow CONNECT webmin

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow our_network
http_access allow localhost

http_access deny all

I get the error :
1132791052.505     11 192.168.1.10 TCP_MISS/200 2269 CONNECT 192.168.1.1:12000 - DIRECT/192.168.1.1 -
1132791052.584     10 192.168.1.10 TCP_MISS/200 2189 CONNECT 192.168.1.1:12000 - DIRECT/192.168.1.1 -

When  I  open  my  browser, and I choose Webmin, I get the certificate
window. Then the error Error - Access denied for 192.168.1.1


Thanx for your help :)

-- 
Best regards,
LeKeiserAmen  
mailto: LeKeiser@xxxxxxxxxxxx
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux