> Elvar wrote: >> Hello, >> >> I've followed the following >> http://wiki.squid-cache.org/SquidFaq/WindowsUpdate and it does work... >> with a catch. In my scenario Dansguardian is running in front of Squid >> on the LAN IP of the firewall which is 172.30.1.2:8888. Squid is >> running on 127.0.0.1:3128. Dansguardian forwards incoming traffic to >> Squid which then goes out to the net. Even following the directions in >> that URL with the port / ip setup above, windows updates do not work. >> In order for me to get them to work, I have to move squid to >> 172.30.1.2 to share the same listen IP as Dansguardian. I do not >> understand why this matters, but it's the only way it ever works. This >> is the case for me on multiple firewalls deployed at difference places. >> >> Can anyone tell me why it will not work with squid listening on >> 127.0.0.1? >> >> >> Thanks, >> Elvar >> > > Please disregard, I figured it out. I forgot to add 'localhost' to the > http_access lines for windows update. Once I did it started working > perfectly. <snip> > http_access allow CONNECT wuCONNECT localnet > http_access allow CONNECT wuCONNECT localnet2 > http_access allow CONNECT wuCONNECT localhost > http_access allow windowsupdate localnet > http_access allow windowsupdate localnet2 > http_access allow windowsupdate localhost > Thanks for picking up on this Elvar. I've updated the wiki entry to point out this use-case and solution. Amos
