Hi all, I am running Squid 2.6 Stable 3 in Transparent mode and none of my users can access msnbc.com from behind the our cache. The cache box itself has no problem reaching the site via wget, lynx, or telnet. The strange part is that if you have a direct url to one of their CSS files it loads fine when behind squid. I can also telnet into msnbc.com from machines behind the proxy as well. I have added into my conf file the following which had no effect: acl msnbc dstdomain .msnbc.msn.com cache deny msnbc I have tried this with no luck as well > http://wiki.squid-cache.org/SquidFaq/SystemWeirdnesses#head-699d810035c0 99c8b4bff21e12bb365438a21027 Note: msnbc.com redirects to www.msnbc.msn.com. We can get to msn.com just fine, as well as cnbc.com. I think there is a problem w/ my conf file with the rewrite statements I have in conjunction w/ how msnbc redirects their traffic. I have attached my conf file below. Any help would be greatly appreciated. ---------------------------------------- http_port 81 transparent tproxy http_port 3128 acl apache rep_header Server ^Apache broken_vary_encoding allow apache cache_mem 525 MB cache_swap_low 93 cache_swap_high 95 maximum_object_size 300 MB maximum_object_size_in_memory 100 MB cache_replacement_policy heap LFUDA memory_replacement_policy heap GDSF cache_dir aufs /var/spool/squid/ 20480 16 256 access_log /var/log/squid/access.log log_fqdn on ftp_user proxy@xxxxxxxxxxxxxxxxx ftp_list_width 64 hosts_file /etc/hosts acl adzapports myport 81 acl adzapmethods method HEAD GET url_rewrite_access deny !adzapmethods url_rewrite_access allow adzapports refresh_pattern ^ftp: 1440 20% 10080 reload-into-ims refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 reload-into-ims refresh_pattern cgi-bin 0 0% 0 refresh_pattern \? 0 0% 0 refresh_pattern . 0 20% 4320 refresh_pattern (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 quick_abort_min 64 KB quick_abort_max 512 KB quick_abort_pct 50 range_offset_limit 1 MB acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 873 # rsync acl purge method PURGE acl CONNECT method CONNECT refresh_pattern -i \.flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private quick_abort_min -1 KB acl youtube dstdomain .youtube.com cache allow youtube hierarchy_stoplist cgi-bin ? cache allow all http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports acl gtn_lan src 10.1.1.0/24 acl gtn_lan2 src 10.100.1.0/24 http_access allow gtn_lan http_access allow gtn_lan2 http_access allow localhost http_access deny all http_reply_access allow all icp_access allow all tcp_outgoing_address 10.100.1.2 log_access deny localhost log_access allow all cache_mgr cache_mgr@xxxxxxxxxxxxxxxxx mail_from squid@xxxxxxxxxxxxxxxxxxxxxxx cache_effective_group proxy httpd_accel_no_pmtu_disc on append_domain .greatertalent.com memory_pools_limit 64 MB via off forwarded_for off snmp_port 3401 acl snmp_public snmp_community public acl snmp_probes src 10.1.1.0/24 acl snmp_probes src 10.100.1.0/24 snmp_access allow snmp_public localhost snmp_probes snmp_access deny all strip_query_terms off coredump_dir /var/spool/squid pipeline_prefetch on
