Search squid archive

Re: Wrong ports denied as SSL_ports

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jan,

Jan Groenewald wrote:
> I have an Ubuntu Feisty box running squid:
> ii  squid          2.6.5-4ubuntu2 Internet Object Cache (WWW proxy cache)
> 
> And I get these non-SSL ports denied as SSL ports:
> 
> <snip>
> 2007/06/10 22:07:37| aclCheck: checking 'http_access deny CONNECT
> !SSL_ports'
> 2007/06/10 22:07:37| aclMatchAclList: checking CONNECT
> 2007/06/10 22:07:37| aclMatchAcl: checking 'acl CONNECT method CONNECT'
> 2007/06/10 22:07:37| aclMatchAclList: checking !SSL_ports
> 2007/06/10 22:07:37| aclMatchAcl: checking 'acl SSL_ports port 443 563
> # https, snews'
> 2007/06/10 22:07:37| aclMatchAclList: returning 1
> 2007/06/10 22:07:37| aclCheck: match found, returning 0
> 2007/06/10 22:07:37| cbdataUnlock: 0x82adec0
> 2007/06/10 22:07:37| aclCheckCallback: answer=0
> 2007/06/10 22:07:37| cbdataValid: 0x85e0b50
> 2007/06/10 22:07:37| The request CONNECT 209.204.61.7:4000 is DENIED,
> because it matched 'SSL_ports'
> 2007/06/10 22:07:37| Access Denied: 209.204.61.7:4000
> 2007/06/10 22:07:37| AclMatchedName = SSL_ports
> 2007/06/10 22:07:37| Proxy Auth Message = <null>
> 2007/06/10 22:07:37| storeCreateEntry: '209.204.61.7:4000'
> 2007/06/10 22:07:37| new_MemObject: returning 0x8ce8a68
> </snip>
> 
> Other ports are in the range 1025-6000 and are getting the same problem.
> My squid.conf below. Any tips appreciated.

Although you have 1024-6000 listed in safe_ports, that will only allow
access for http.  You are attempting to use https so you will also need
to list it in ssl_ports.

HTH,


				Neil.

-- 
Neil Hillard                    neil.hillard@xxxxxxxxxxxxxxxxxx
AgustaWestland                  http://www.whl.co.uk/

Disclaimer: This message does not necessarily reflect the
            views of Westland Helicopters Ltd.

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux