Hi to all... I've recently installed MNF and all works perfectly... In fact I configured proxy manual and works so fine, and like I can't put this like transparent proxy I just redirect petitions to eth1 masquerading to eth0 and Internet Explorer without proxy configuration works so fine (of course without the proxy cache) just adding this two lines to rc.local file
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 >/proc/sys/net/ipv4/ip_forward
But the only problem that I have with either the original MNF squid.conf, or my personal squid.conf is that I can access all the web pages or ports especified in shorewall and the others that aren't not specified (I mean the default rules and other that I added), BUT I can't access all the https pages that uses 443 port (a useful example is this web page
https://loginnet.passport.com:443/ )
So I added a especific rule to permit conections trough 443 port, I modified the squid.conf and put all and Still goes on this message (I hate it)
"ERROR The requested URL could not be retrieved
While trying to retrieve the URL: login.passport.net:443
The following error was encountered:
Connection Failed
The system returned:
(111) Connection refused
The remote host or network may be down. Please try the request again.
Your cache administrator is root.
Generated Sat, 25 Jan 2003 09:34:45 GMT by sunlight.mandrakesoft.com
(Squid/2.4.STABLE7)"
So the unique problem is that if I configure Internet Explorer trought my proxy 192.168.1.254:3328 I can't access neither Hotmail web page (or any secure webpage) nor login to MSN Messenger. At the end of this message I put the squid.conf that I'm using now so if anybody can HELLLP ME (that I'm desesperated) I'll be so thankfull...
#-----------------------------------------------------
# DO NOT MODIFY THIS FILE! It is updated automatically
#-----------------------------------------------------
http_port 3328
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 16 MB
cache_dir diskd /var/spool/squid^M 7120 16 256
half_closed_clients off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
maximum_object_size 2048 KB
#ACL
acl Eth1 src 192.168.1.0/255.255.255.0
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access allow SSL_ports
http_access allow Safe_ports
http_access deny manager
http_access allow localhost
http_access allow Eth1
http_access allow all
icp_access allow all
miss_access allow all