[squid-users] RE: CONNECT issues

From: Adam Aube <[email protected]>
Date: Thu, 27 Jan 2005 10:44:41 -0500

Please don't top post (which is putting your reply above the original
message) - it makes the thread hard to follow.

Diamond King wrote:
> --- Henrik Nordstrom <hno@squid-cache.org> wrote:
>> On Mon, 10 Jan 2005, Diamond King wrote:

>>> I`ve checked the configuration file and it seems
>>> that only port 443 and 563 were connected to
>>> SSL_Ports acl rule.

>> You then have some error in your http_access rules,
>> allowing things you did not intend to allow.

> Sorry for late reply. After further tracking, i
> managed to re-check the squid configuration files and
> below are the acls list :-

[default Squid ACLs snipped]

> http_access deny Bad_Domains
> http_access deny Bad_Ports
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> http_access allow our_networks
> http_access allow manager localhost

> After restart squid, i viewed the access.log files to
> watch out for CONNECT strings. Well, this time, it is
> different though. There are no more TCP_MISS:DIRECT at
> the end of the log, instead, i got TCP:DENIED. Does
> this mean i am successfully block those p2p or
> tunneling softwares?

TCP_DENIED indicates that Squid refused to serve the request. So if you are
seeing TCP_DENIED for the traffic that was previously showing TCP_MISS,
then yes, you are successfully blocking the P2P tunneling software.

Adam
Received on Thu Jan 27 2005 - 08:50:26 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 07 2005 - 12:59:36 MST