Hi there, I noticed one of the clients accessing the squid proxy is not fetching the data, 10.254.66.142 - - [21/Nov/2011:12:49:01 +0100] "CONNECT xmlrpc.rhn.redhat.com:443 HTTP/1.1" 200 6668 TCP_MISS:DIRECT 10.254.66.142 - - [21/Nov/2011:12:49:06 +0100] "CONNECT xmlrpc.rhn.redhat.com:443 HTTP/1.1" 200 6583 TCP_MISS:DIRECT Squid proxy can connect with this address so problem is not the firewall, # telnet xmlrpc.rhn.redhat.com 443 Trying 209.132.183.44... Connected to xmlrpc.rhn.redhat.com (209.132.183.44). Escape character is '^]'. ^] The squid.conf has the entry to allow 443, acl SSL_ports port 443 563 22 acl Safe_ports port 443 563 22 I have an ACL specified for the subnet: acl 10.254.66 src 10.254.66.0/22 http_access allow 10.254.66 Finally, the squid -v results, # squid -v Squid Cache: Version 2.6.STABLE21 configure options: '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--exec_prefix=/usr' '--bindir=/usr/sbin' '--libexecdir=/usr/lib64/squid' '--localstatedir=/var' '--datadir=/usr/share' '--sysconfdir=/etc/squid' '--enable-arp-acl' '--enable-epoll' '--enable-snmp' '--enable-removal-policies=heap,lru' '--enable-storeio=aufs,coss,diskd,null,ufs' '--enable-ssl' '--with-openssl=/usr/kerberos' '--enable-delay-pools' '--enable-linux-netfilter' '--with-pthreads' '--enable-ntlm-auth-helpers=SMB,fakeauth' '--enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-digest-auth-helpers=password' '--with-winbind-auth-challenge' '--enable-useragent-log' '--enable-referer-log' '--disable-dependency-tracking' '--enable-cachemgr-hostname=localhost' '--enable-underscores' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL' '--enable-cache-digests' '--enable-ident-lookups' '--enable-follow-x-forwarded-for' '--enable-wccpv2' '--enable-fd-config' '--with-maxfd=16384' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'target_alias=x86_64-redhat-linux-gnu' 'CFLAGS=-D_FORTIFY_SOURCE=2 -fPIE -Os -g -pipe -fsigned-char' 'LDFLAGS=-pie I do get an ACL warning, but am unsure if its the reason the data is not served. aclParseIpData: WARNING: Netmask masks away part of the specified IP in '10.254.66.0/22' Does anyone know what I've missed? Best regards.
