[squid-users] Problem to enter a site.

From: Michael Fern�ndez M <michael_at_michael.cl>
Date: Wed, 30 Jul 2008 12:56:46 -0400

Hi,

I have squid server working and i cannot enter to a site with a form:
the thing is when i complete the form and press submit nothing
happend...

The logs show this (after press submit):

1217433307.700 62 x.x.x.x TCP_MISS/200 4431 POST
http://www.safp.cl/inf_afiliados/infoAfiliacion/consafi.php? -
DIRECT/163.247.55.137 text/html

1217433307.802 53 x.x.x.x TCP_MISS/200 3099 GET
http://www.safp.cl/redirect/javascript/functions.js -
DIRECT/163.247.55.137 text/html

If i try without proxy it works...

The version of squid is: 2.5.9-10sarge5

The configuration is:

http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
hosts_file /etc/hosts
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
cache_mem 32 MB
cache_dir ufs /var/spool/squid 10000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
ftp_user Squid@
ftp_passive on
error_directory /usr/share/squid/errors/Spanish
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl lan src 172.17.0.0/255.255.0.0

acl servidores-locales dst 172.17.0.0/255.255.0.0
acl SSL_ports port 443 563 10000
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

acl purge method PURGE
acl CONNECT method CONNECT

acl servidor_boton src 172.17.40.37

auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 30
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

###Acceso a sitios comunes
acl srv_citrix src 172.17.40.25/32
acl accesos_comunes dstdomain "/etc/squid/conf/accesos_comunes"
acl ips_safp dst "/etc/squid/conf/ips_allow_safp"

##Activex microsoft
acl sitios_microsoft dstdomain "/etc/squid/conf/sitios_microsoft"
#########

acl redirect_java urlpath_regex /javascript/functions.js

acl sitios_ip dst 192.168.246.150/32
acl bajo proxy_auth "/etc/squid/conf/bajo/usuarios.conf"
acl sitios_bajo dstdomain "/etc/squid/conf/bajo/sitios.conf"
acl ips_bajo dst "/etc/squid/conf/bajo/ips_permitidas.conf"

acl medio proxy_auth "/etc/squid/conf/medio/usuarios.conf"
acl sitios_medio dstdomain "/etc/squid/conf/medio/sitios.conf"
acl ips_medio dst "/etc/squid/conf/medio/ips_permitidas.conf"

acl alto proxy_auth "/etc/squid/conf/alto/usuarios.conf"
acl sitios_alto dstdomain "/etc/squid/conf/alto/sitios.conf"
acl ips_alto dst "/etc/squid/conf/medio/ips_permitidas.conf"

acl webservice dst
"/etc/squid/conf/direcciones_ip_de_servidores_webservice.conf"

http_access allow servidor_boton
http_access allow webservice
http_access allow redirect_java
http_access allow ips_safp
http_access allow accesos_comunes

http_access allow manager localhost
http_access deny manager

http_access deny !Safe_ports
http_access allow CONNECT SSL_ports

http_access allow localhost
http_access allow lan servidores-locales
http_access allow lan sitios_microsoft
http_access allow sitios_ip
http_access allow bajo sitios_bajo
http_access allow bajo ips_bajo
http_access allow medio sitios_medio
http_access allow medio ips_medio
http_access allow alto sitios_alto
http_access allow alto ips_alto

http_access allow purge localhost
http_access deny purge

http_access allow localhost
http_access allow lan

http_reply_access allow all

icp_access allow all

http_access deny all

The strange thing is i have other squid server (the same version) and
with this server the forms works..... and the configuration is very
similar only change some auth acl's

Somebody have any idea?

Thanks!!!!

Michael
Received on Wed Jul 30 2008 - 16:02:53 MDT

This archive was generated by hypermail 2.2.0 : Thu Jul 31 2008 - 12:00:05 MDT