Jan, Jan Groenewald wrote: > I have an Ubuntu Feisty box running squid: > ii squid 2.6.5-4ubuntu2 Internet Object Cache (WWW proxy cache) > > And I get these non-SSL ports denied as SSL ports: > > <snip> > 2007/06/10 22:07:37| aclCheck: checking 'http_access deny CONNECT > !SSL_ports' > 2007/06/10 22:07:37| aclMatchAclList: checking CONNECT > 2007/06/10 22:07:37| aclMatchAcl: checking 'acl CONNECT method CONNECT' > 2007/06/10 22:07:37| aclMatchAclList: checking !SSL_ports > 2007/06/10 22:07:37| aclMatchAcl: checking 'acl SSL_ports port 443 563 > # https, snews' > 2007/06/10 22:07:37| aclMatchAclList: returning 1 > 2007/06/10 22:07:37| aclCheck: match found, returning 0 > 2007/06/10 22:07:37| cbdataUnlock: 0x82adec0 > 2007/06/10 22:07:37| aclCheckCallback: answer=0 > 2007/06/10 22:07:37| cbdataValid: 0x85e0b50 > 2007/06/10 22:07:37| The request CONNECT 209.204.61.7:4000 is DENIED, > because it matched 'SSL_ports' > 2007/06/10 22:07:37| Access Denied: 209.204.61.7:4000 > 2007/06/10 22:07:37| AclMatchedName = SSL_ports > 2007/06/10 22:07:37| Proxy Auth Message = <null> > 2007/06/10 22:07:37| storeCreateEntry: '209.204.61.7:4000' > 2007/06/10 22:07:37| new_MemObject: returning 0x8ce8a68 > </snip> > > Other ports are in the range 1025-6000 and are getting the same problem. > My squid.conf below. Any tips appreciated. Although you have 1024-6000 listed in safe_ports, that will only allow access for http. You are attempting to use https so you will also need to list it in ssl_ports. HTH, Neil. -- Neil Hillard neil.hillard@xxxxxxxxxxxxxxxxxx AgustaWestland http://www.whl.co.uk/ Disclaimer: This message does not necessarily reflect the views of Westland Helicopters Ltd.
