Talk to the firehol group; squid probably hasn't anything to do with this. Adrian On Thu, Sep 13, 2007, Michael Harly wrote: > Every thing working fin on our Debian firewall box > we can access any utl with firefox, but we have block most url for using > IE and only allow very few utl ie: microfost update > > but now we have to url we can't access > > Our firewall box is: > Debian = 3.1 > firewall = firehol v.5 > proxy = squid v2.5 > > when we connect our new office whey want to access to url that they need > to access but was block by our firewall box but i can't fine any > entry's about this url. > > I have put them in the allow list but nothing helps > > We can connect the url from the outside on our firewall > > In the syslog i get this > Sep 13 09:23:48 worf kernel: OUT-unknown:IN= OUT=eth2 SRC=129.142.24.162 > DST=89.104.212.25 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=6700 DF PROTO=TCP > SPT=59858 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 > > In squid log I get: > 2352524545.344 3495897 ip-adr TCP_miss/504 1422 get > http://www.comendo.dk - none/ - text/html > > HTTP Error 504 - Gateway timeout > > please help! > > best regard > /harly > > The error page I get in Firefox after a log time: > **** > ERROR > The requested URL could not be retrieved > > While trying to retrieve the URL: http://www.comendo.dk/ > > The following error was encountered: > > * Connection Failed > > The system returned: > > (110) Connection timed out > > The remote host or network may be down. Please try the request again. > > Your cache administrator is support@xxxxxxxxxxxx > Generated Thu, 13 Sep 2007 07:23:48 GMT by worf.mydomain.dk > (squid/2.5.STABLE9) > > ********* -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level bandwidth-capped VPSes available in WA -