Tim Edwards said: > Hi, > > I have 2 squid machines running as cache-peers, with one (the 'iproxy') > forwarding requests to the other (the 'oproxy'). I'm trying to setup a > news server on the oproxy that can be accessed by users inside the LAN > using desproxy (http://desproxy.sourceforge.net/) to tunnel it through the > iproxy. However when I run desproxy and try to connect to the news server > I get this: > > Connection request from 192.168.1.186, port 41450 Connecting to http proxy It seems your news server port is 41450.Add that port to your ACL on Safe_ports directives > (iproxy:3128) Server: squid/2.5.STABLE3 Mime-Version: 1.0 Date: Wed, 07 Dec > 2005 05:57:09 GMT Content-Type: text/html Content-Length: 1089 Expires: Wed, > 07 Dec 2005 05:57:09 GMT X-Squid-Error: ERR_ACCESS_DENIED 0 X-Cache: MISS > from oproxy.registriesltd.com.au Proxy-Connection: close > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" > "http://www.w3.org/TR/html4/loose.dtd";> <HTML><HEAD><META > HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> > <TITLE>ERROR: The requested URL could not be retrieved</TITLE> <STYLE > type="text/css"><!--BODY{background-color:#ffffff;font-family:verdana,san > s-serif}PRE{font-family:sans-serif}--></STYLE> </HEAD><BODY> <H1>ERROR</H1> > <H2>The requested URL could not be retrieved</H2> <HR noshade size="1px"> > <P> While trying to retrieve the URL: <A HREF="oproxy:119">oproxy:119</A> > <P> The following error was encountered: <UL> <LI> <STRONG> Access Denied. > </STRONG> <P> Access control configuration prevents your request from being > allowed at this time. Please contact your service provider if you feel > this is incorrect. </UL> <P>Your cache administrator is <A > HREF="mailto:webmaster@xxxxxxxxxxxxxxxxxxxx";>webmaster@xxxxxxxxxxxxxxxxxx > au</A>. > > > <BR clear="all"> <HR noshade size="1px"> <ADDRESS> Generated Wed, 07 Dec > 2005 05:57:09 GMT by oproxy.registriesltd.com.au (squid/2.5.STABLE3) > </ADDRESS> </BODY></HTML> connect_host_to_proxy: ERROR Connection #0: end of > connection > > It seems that the squid on oproxy is denying access to the news server > that runs on that machine. Here's my squid.conf from oproxy: > > ftp_user webmaster@xxxxxxxxxxxxxxxxxxxx cache_mgr > webmaster@xxxxxxxxxxxxxxxxxxxx cache_mem 128 MB maximum_object_size 20480 > KB maximum_object_size_in_memory 64 KB cache_dir ufs /var/spool/squid 2048 > 32 512 # Allow CONNECT to SSL (and a few special) ports acl SSL_ports port > 22 443 563 873 5050 5190 5222 5223 http_access allow CONNECT SSL_ports # > Allow CONNECT to NNTP acl NNTP_port port 119 dst 10.20.10.2 http_access > allow CONNECT nntp_port # Other common ACLs #http_access deny to_localhost > acl iproxy src 10.20.10.0/24 acl iproxy2 src 10.70.10.0/24 http_access > allow iproxy http_access allow iproxy2 > > # Server settings visible_hostname oproxy.registriesltd.com.au http_port > 10.20.10.2:3128 > > # Default DENY http_access allow localhost http_access deny all > > -- Tim Edwards Systems Administrator REGISTRIES LTD ABN 14 003 209 836 Phone: > 92909610 > > IMPORTANT INFORMATION This email may contain privileged or confidential > information. If you are not the intended recipient, or a person > responsible for delivering this email to the intended recipient, you > should not disseminate, review, disclose, distribute or copy the contents > of this email or any attachments. In this case, please immediately notify > the sender by reply email, then delete this message and any attachments > from your system. > > Unencrypted emails transmitted over public networks are not private > communications, and therefore content integrity and confidentiality cannot > be guaranteed. Emails may also be lost, destroyed, or arrive late. It is > understood that opinions, conclusions and other information in this > message that do not relate to the official business of Registries Limited, > are neither given nor endorsed. > ---------------------------------------------------------------------- David Maina. Systems Administrator. PdE-Kenya. P. O. Box 1239 - 20100. Nakuru, Kenya. Telephone:+254-51-850298/850333. Cell:+254-721-950073. ---------------------------------------------------------------------- "By golly, I'm beginning to think Linux really *is* the best thing since sliced bread."
