Hi, I wonder if anyone would be able to help me. I'm running IpCop 1.4.18 with squid 2.6STABLE20. I do not have any problem accessing any other web sites through the transparent proxy but I've having trouble accessing Google Earth. Through the proxy, the Google Earth servers cannot be reached. If I access directly it works fine. Based on what I found in the squid docs, I've tried the following lines in squid.conf :- acl ge dstdomain .google.com always_direct allow ge but this does not seem to have any affect. I am a newbe when it comes to squid conf's so can anyone tell me if there are any other magic entries that will solve this problem ? How do i go about investigating the problem ? Many thanks for any help, Pete My complete squid.conf is listed below :- # Do not modify '/var/ipcop/proxy/squid.conf' directly since any changes # you make will be overwritten whenever you resave proxy settings using the # web interface! # # Instead, modify the file '/var/ipcop/proxy/advanced/acls/include.acl' and # then restart the proxy service using the web interface. Changes made to the # 'include.acl' file will propagate to the 'squid.conf' file at that time. shutdown_lifetime 5 seconds icp_port 0 http_port 192.168.1.3:800 transparent acl QUERY urlpath_regex cgi-bin \? cache deny QUERY acl no_cache_domains dstdomain "/var/ipcop/proxy/advanced/acls/dst_nocache.acl" cache deny no_cache_domains cache_effective_user squid cache_effective_group squid umask 022 pid_filename /var/run/squid.pid cache_mem 2 MB cache_dir aufs /var/log/cache 50 16 256 error_directory /usr/lib/squid/advproxy/errors.ipcop/English access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_store_log none useragent_log /var/log/squid/user_agent.log strip_query_terms off log_mime_hdrs off forwarded_for off via off acl within_timeframe time MTWHFAS 00:00-24:00 acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 563 # snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 800 # Squids port (for icons) acl IPCop_http port 81 acl IPCop_https port 445 acl IPCop_ips dst 192.168.1.3 acl IPCop_networks src "/var/ipcop/proxy/advanced/acls/src_subnets.acl" acl IPCop_servers dst "/var/ipcop/proxy/advanced/acls/src_subnets.acl" acl IPCop_green_network src 192.168.1.0/255.255.255.0 acl IPCop_green_servers dst 192.168.1.0/255.255.255.0 acl CONNECT method CONNECT #Start of custom includes acl ge dstdomain .google.com always_direct allow ge #End of custom includes #Access to squid: #local machine, no restriction http_access allow localhost #GUI admin if local machine connects http_access allow IPCop_ips IPCop_networks IPCop_http http_access allow CONNECT IPCop_ips IPCop_networks IPCop_https #Deny not web services http_access deny !Safe_ports http_access deny CONNECT !SSL_ports #Set custom configured ACLs http_access allow IPCop_networks within_timeframe http_access deny all #Strip HTTP Header header_access X-Forwarded-For deny all header_access Via deny all maximum_object_size 8192 KB minimum_object_size 0 KB request_body_max_size 0 KB reply_body_max_size 0 allow all visible_hostname ipcop.localdomain
