How to bypass squid for accessing website.
Hi,
I am using squid 2.6 (as a proxy server) in my cent os 5 box.The clients computers are factehing the web pages successfully. The firewall (IPTABLES) are already disabled. The problem is we have an internal web based application by which the users add the data in it. when the user type the ip address in the browser i.e http://10.1.7.21:81/mis squid shows Code:
ERROR This means that squid does not understand the address as given in the error message. Kindly help me thanks garden |
Quote:
http://www.howtoforge.com/linux_secure_browsing_squid |
thanks for the reply. Well if we add the IP address in exception then ...? But the thing is how to add the IP address in the exception. MY Linux Firewall is disable. If I enable IPTABLES internet will stop.
I am not expert in IP TABLES hope this forum will guide me how to add rules . thanks |
See what does what. Iptables is another thing, first get squid setup right cause it's squid making the trouble. Did you check out the link I gave you? As I'm not familary with squid i'm of no help there just wanted to get you on the right track.
|
thanks again for the reply. Well I have visited the site and it is not such kind of issue. The squid is working perfact. It is really a :scratch: for me.
zhjim as you mentionded in your post "Squid understands the address it just denies the access" why squid is denying to access the page though the IPTABLES is off garden |
Quote:
Quote:
I just took a quick look at the acl (access list) of the squid manual. Maybe something like this will work Code:
acl allow dst 10.1.7.21:81 But another thing came to my attention. The address that is denied is on port 81. And you possible do not allow this port to be accessed through squid. I never used squid so I might miss something more. But what I can tell you is that the configuration of squid itself denies the access to the site. To be more helpful please post your squid.conf file |
1 Attachment(s)
Again zhjim thanks for the reply. Well the squid.conf file is attached here with the post in text formate.
regards, garden |
Hi gardenair,
took me some time, but now got my head around it. As I thought you did not configure port 81 to be allowed by squid. It's near to the bottom of the config file add this to your config and restart squid Code:
acl Safe_ports port 81 # http2 |
thanks for the reply. Well can You identify under which directive should I add ? i am fail to search its proper location :confused:
acl Safe_ports port 81 # http2 While squid is running how can I make the changes? Is there any command that in run time i can make changes or I stop my squid and then do changes in it? garden |
Quote:
Quote:
To sum it up 1. Add the line to your squid.conf 2. restart service via /etc/init.d/squid restart dunno if /etc/init.d/squid is the right file but with a ls of the /etc/init.d directory you should fairly easy see the right file. |
Also keep in mind that allowing access to port 81 for everything might not be your intent at all. I mean, it sounds like you really only need to allow it for that specific IP, in which case you can be specific, if you wish. For example:
Code:
acl webapp_port port 81 Code:
squid -k reconfigure |
thanks "win32sux" and "zhjim" for your guidance.I have done the things as you mentioned in the post but still no success :banghead:
Yes this is a specific web based application in which we want to access it.In the the client side they are using private IP address like 10.1.50.1 garden |
Whats the error message? Still access denied? Did you restart squid?
@win32sux is the http_access line correct? Your first put the port and then the ip. But I also dunno how squid handles those lines. |
the error message is same as i post in my 1st post. I take all steps correct. Squid is working fine but with http://10.1.7.21:81/mis it show error message.Please see my 1st post.
thanks garden |
Hi there!,
So well, by default squid cannot allow access for the given port, it can handle requests on 80, 443, 21.. etc http://10.1.7.21:81, Since you are running application to custom port 81. add entry in squid.conf acl's were it says acl Safe_ports 80 # http or make a simillar copy of acl entry for Safe_ports for port 81 and you no need to give http access for this acl once again. Since already there will be an entry to allow Safe_ports access in squid.conf by default. |
All times are GMT -5. The time now is 05:39 AM. |