Daniel wrote:
Ok, I was able to get it working this morning. Perhaps someone can update the ConfigExample for Chat to include Windows Live Messenger?? Would someone please explain why what I did worked? To be honest I just decided to give it a shot and since I do not understand the ACL's yet I am confused.
All I did was add the following ACL:
acl msn1 req_mime_type application/x-msn-messenger
So I have two ACL's in regard to the mime type (and I question if I need the first one):
acl msn1 req_mime_type ^application/x-msn-messenger$
acl msn1 req_mime_type application/x-msn-messenger'
Any ideas of why this worked / what I was doing wrong??
Probably nothing wrong. Thank you for finding this.
The ^ and $ mean there is expected to be absolutely no other text in the
mime header. There have been numerous sightings now of mime types with
advanced mime 'preferences' (aka q-values). Which break that pattern
completely.
I suspect you only need the second line (without the ' if thats really
in your config).
I have updated the example config to catch the wider possible types.
Amos
-Daniel
-----Original Message-----
From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx]
Sent: Monday, August 03, 2009 7:30 PM
To: Daniel
Cc: Squid-Users@xxxxxxxxxxxxxxx
Subject: Re: Squid 3.1.0.12 allowing MSN Messenger - 502
On Mon, 3 Aug 2009 17:09:31 -0400, "Daniel" <Squid@xxxxxxxxxxxxx> wrote:
Ok, I have been banging my head against a few issues so I'll start with
this
one.
I read on http://wiki.squid-cache.org/ConfigExamples/Chat where I can
make
MSN Messenger work through Squid. I am trying to allow MSN Messenger
(Live)
to work through Squid. I believe the issue is around this 502 error... I
don't know, completely stumped.
MSN Messenger is not he same as MSN Messenger Live.
They are very different programs with very different access needs despite
sharing some of the network servers and being able to talk to each other.
You can help both yourself and others by tracking down exactly what the
program is trying to do. From my own brief brush with Live, I recall it
doing some form or HTTPS or SSL encrypted link directly with the servers
before it was allowed to have any web contact the proxy could relay.
The best bet is to try to isolate the computer running Live and see what
connections its making, how and to where.
Amos
My Squid.conf is the following & the access.log error message:
================ BEGIN squid.conf BEGIN ================
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl TestPoolIPs src 10.211.213.135 10.211.212.40
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl sclthdq01w src 10.211.194.187/32 # custom acl for apache/cache
manager
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access allow manager sclthdq01w
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#http_access allow localnet
http_access allow localhost
http_access allow TestPoolIPs
# MSN Messenger
acl msn urlpath_regex -i /gateway/gateway.dll
acl msnd dstdomain messenger.msn.com gateway.messenger.hotmail.com
acl msn1 req_mime_type ^application/x-msn-messenger$
http_access allow msnd
http_access allow msn
http_access allow msn1
http_access deny all
http_port 3128
hierarchy_stoplist cgi-bin ?
coredump_dir /usr/local/squid/var/cache
cache_mem 512 MB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
================ END squid.conf END ================
================ BEGIN access.log snippet BEGIN ================
1249333460.877 167 10.211.212.40 TCP_MISS/502 4074 POST
http://gateway.messenger.hotmail.com/gateway/gateway.dll? -
DIRECT/65.54.239.21 text/html
================ END access.log snippet END ================
I don't believe that this has anything to do with it now, but just as an
FYI
I tried to use another 'regex' command:
acl msn url_regex -i gateway.dll
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE17
Current Beta Squid 3.1.0.12