Squid not allowing port 99
Hello am trying to access the page
http://mail.aajr.com.mx:99/exchange/USA/ but squit does not allowes me it give me the error below is a part of my squid.conf file. what could be the problem???\ ****************************************************************** ERROR The requested URL could not be retrieved -------------------------------------------------------------------------------- While trying to retrieve the URL: http://mail.aajr.com.mx:99/exchange/USA/ The following error was encountered: Connection Failed The system returned: (13) Permission deniedThe remote host or network may be down. Please try the request again. Your cache administrator is root. ******************************************************************* My configuration says ... acl Safe_ports port 99 # exchange ... http_access allow Super http_access allow juany http_access allow adanm http_access deny !msnlogin http_access allow Admin http_access allow verop http_access allow javierg http_access allow ivonne http_access allow paulam http_access allow victorf http_access deny archivos http_access deny !permitidos http_access deny !Safe_ports http_access allow Oficina http_access deny all icp_access allow all cache_effective_user squid cache_effective_group squid log_icp_queries off buffered_logs off |
Well, can you access it outside of squid? If so, it's hard to know what the problem is without seeing those other ACLs (specifically the denys).
|
I can see the pages very well without squid.
this is my complete squid.conf http_port 192.168.1.179:3128 httpd_accel_host virtual httpd_accel_port 80 443 8080 19720 19721 10000 httpd_accel_with_proxy on httpd_accel_uses_host_header on acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY acl all src 192.168.1.1-192.168.1.253 acl manager proto cache_object acl localhost src 127.0.0.1 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 #acl Safe_ports port 80 21 443 563 70 210 280 488 591 777 110 24 99 1025-65535 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftpSafe_ports acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 110 # pop acl Safe_ports port 24 # smtp acl Safe_ports port 99 # exchange acl CONNECT method CONNECT acl Oficina src 192.168.1.1-192.168.1.90 acl Super src 192.168.1.91-192.168.1.120 acl Admin src 192.168.1.121-192.168.1.200 acl adanm src 192.168.1.36 acl verop src 192.168.1.64 acl javierg src 192.168.1.12 acl paulam src 192.168.1.13 acl ivonne src 192.168.1.22 acl victorf src 192.168.1.64 acl juany src 192.168.1.75 #acl DHRouter src 192.167.1.201-192.168.1.240 acl archivos url_regex -i \.mp3$ \.avi$ \.ppt$ \.pps$ \.swf$ \.exe$ acl permitidos dstdomain 192.168.1.188 .dhl.com .odfl.com .dhl.com.mx .ups.com .fedex.com .sanmina-sci.com 201.120.129.187 .aajr.com.mx .aduanet.net .myyellow.com .menloforwarding.com .ups-scs.com .roadway.com .tellabs.com .overnite.com .baxglobal.com .shiputs.com .usfc.com .dhl-usa.com .usfreightways.com .aesdirect.gov .shiputs.net .cdc.gov .osha.gov .free-training.com .sat.gob.mx .hazmat.ci.laredo.tx.us .forwarding.org 200.76.37.170 200.57.148.20 .aduanet.org acl msnlogin dstdomain 192.168.1.188 .dhl.com .odfl.com .dhl.com.mx .ups.com .fedex.com .sanmina-sci.com 201.120.129.187 .aajr.com.mx .aduanet.net .myyellow.com .menloforwarding.com .ups-scs.com .roadway.com .tellabs.com .overnite.com .baxglobal.com .shiputs.com .usfc.com .dhl-usa.com .usfreightways.com .aesdirect.gov .shiputs.net loginnet.passport.com .cdc.gov .free-training.com .osha.gov .sat.gob.mx .hazmat.ci.laredo.tx.us .forwarding.org 200.76.37.170 200.57.148.20 .aduanet.org http_access allow Super http_access allow juany http_access allow adanm http_access deny !msnlogin http_access allow Admin http_access allow verop http_access allow javierg http_access allow ivonne http_access allow paulam http_access allow victorf http_access deny archivos http_access deny !permitidos http_access allow Oficina http_access deny all icp_access allow all cache_effective_user squid cache_effective_group squid log_icp_queries off buffered_logs off deny_info http://192.168.1.188/Restricted.htm permitidos msnlogin |
I don't see any http_access rule in that latest squid.conf relating to the Safe_ports ACL. You define it but don't use it.
|
i have tried like this with out a success
http_access allow Super http_access allow juany http_access allow adanm http_access deny !msnlogin http_access allow Admin http_access allow verop http_access allow javierg http_access allow ivonne http_access allow paulam http_access allow victorf http_access deny archivos http_access deny !permitidos http_access deny !Safe_ports http_access allow Oficina http_access deny all and http_access deny !Safe_ports http_access deny !permitidos |
Unfortunately I don't have a squid installation up and running at the moment or I could be a little more helpful with testing.
First off, I believe this is the correct notation: Code:
acl Safe_ports port 80 21 443 563 70 210 280 488 591 777 110 24 99 1025-65535 Also, just for grins, you might try: Code:
http_access allow Safe_ports |
i already tired without success.....
any other ideas? |
All times are GMT -5. The time now is 11:13 PM. |