[squid-users] Problem with login to website by Squid web proxy 3.5.20 on Centos 7

Kurczewski, Bartłomiej (WP.PL) iziz1 at poczta.wp.pl
Thu Jul 20 08:24:20 UTC 2017


Hi Eliezer,
According to your and Amos's suggestions I have changed squid.conf by
making "via on" and setting only "forwarded_for transparent".
And I can log in to the TechData website (which is not a bank, but an IT
technology distributor) without any problems.
Thank you for your advice and help.

Rgdrs,
iziz1

On 2017-07-20 at 10:04, Eliezer Croitoru wrote:
> Hey iziz1,
> 
> Try to work with what Amos suggested.
> Try to first turn on the via ie:
> via on
> 
> and see if still works fine.
> If indeed it works fine then try to change the 
> forwarded_for delete
> into
> forwarded_for transparent
> 
> and see what works for you.
> It’s better to leave the via on and not off.
> But from what I understand it seems that this site (is it a bank?) is broken and their webmaster and security personnel should be aware of your findings for their sake.
> It can cause their system to act in a very weird way.
> 
> All The Bests,
> Eliezer
> 
> ----
> Eliezer Croitoru
> Linux System Administrator
> Mobile: +972-5-28704261
> Email: eliezer at ngtech.co.il
> 
> 
> 
> -----Original Message-----
> From: Kurczewski, Bartłomiej (WP.PL) [mailto:iziz1 at poczta.wp.pl] 
> Sent: Thursday, July 20, 2017 10:20
> To: Eliezer Croitoru <eliezer at ngtech.co.il>; squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] Problem with login to website by Squid web proxy 3.5.20 on Centos 7
> 
> Hi Eliezer,
> First of all I would like to thank you for the fast answer.
> And my second "thanks" is for your help.
> Your solution works, and the problem has been solved.
> 
> Regards,
> iziz1
> 
> On 2017-07-19 at 20:08, Eliezer Croitoru wrote:
>> Hey iziz1,
>>
>> Can you try to add the following to squid.conf and see if it affects anything:
>> forwarded_for delete
>> via off
>>
>> http://www.squid-cache.org/Doc/config/via/
>> http://www.squid-cache.org/Doc/config/forwarded_for/
>>
>> And see if it changes anything?
>>
>> Let Me Know if something changes,
>> Eliezer
>>
>> ----
>> Eliezer Croitoru
>> Linux System Administrator
>> Mobile: +972-5-28704261
>> Email: eliezer at ngtech.co.il
>>
>>
>>
>> -----Original Message-----
>> From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Kurczewski, Bartłomiej (WP.PL)
>> Sent: Tuesday, July 18, 2017 15:56
>> To: squid-users at lists.squid-cache.org
>> Subject: [squid-users] Problem with login to website by Squid web proxy 3.5.20 on Centos 7
>>
>> Hi,
>> I have a problem logging in to one website (http://intouch.techdata.com)
>> using Squid 3.5.20 on Centos 7 with the default Squid configuration, which
>> is acting as a web proxy (non-transparent) on port 3128 in my network:
>>
>> --------------------------------------------------------------------------
>> #
>> # Recommended minimum configuration:
>> #
>>
>> # Example rule allowing access from your local networks.
>> # Adapt to list your (internal) IP networks from where browsing
>> # should be allowed
>> acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
>> acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
>> acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
>> acl localnet src fc00::/7       # RFC 4193 local private network range
>> acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
>>
>> acl SSL_ports port 443
>> acl Safe_ports port 80		# http
>> acl Safe_ports port 21		# ftp
>> acl Safe_ports port 443		# https
>> acl Safe_ports port 70		# gopher
>> acl Safe_ports port 210		# wais
>> acl Safe_ports port 1025-65535	# unregistered ports
>> acl Safe_ports port 280		# http-mgmt
>> acl Safe_ports port 488		# gss-http
>> acl Safe_ports port 591		# filemaker
>> acl Safe_ports port 777		# multiling http
>> acl CONNECT method CONNECT
>>
>> #
>> # Recommended minimum Access Permission configuration:
>> #
>> # Deny requests to certain unsafe ports
>> http_access deny !Safe_ports
>>
>> # Deny CONNECT to other than secure SSL ports
>> http_access deny CONNECT !SSL_ports
>>
>> # Only allow cachemgr access from localhost
>> http_access allow localhost manager
>> http_access deny manager
>>
>> # We strongly recommend the following be uncommented to protect innocent
>> # web applications running on the proxy server who think the only
>> # one who can access services on "localhost" is a local user
>> #http_access deny to_localhost
>>
>> #
>> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
>> #
>>
>> # Example rule allowing access from your local networks.
>> # Adapt localnet in the ACL section to list your (internal) IP networks
>> # from where browsing should be allowed
>> http_access allow localnet
>> http_access allow localhost
>>
>> # And finally deny all other access to this proxy
>> http_access deny all
>>
>> # Squid normally listens to port 3128
>> http_port 3128
>>
>> # Uncomment and adjust the following to add a disk cache directory.
>> #cache_dir ufs /var/spool/squid 100 16 256
>>
>> # Leave coredumps in the first cache dir
>> coredump_dir /var/spool/squid
>>
>> #
>> # Add any of your own refresh_pattern entries above these.
>> #
>> refresh_pattern ^ftp:		1440	20%	10080
>> refresh_pattern ^gopher:	1440	0%	1440
>> refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
>> refresh_pattern .		0	20%	4320
>> ------------------------------------------------------------------------------
>>
>>
>> In a FF browser with my Squid server settings I put the correct password on
>> the techdata website, but the webpage redirects me to the same web form and
>> doesn't allow me to log in. The password is correct, because when I put
>> a wrong password I get a JavaScript alert from this website that the password is
>> incorrect.
>>
>> When I disable using the Squid proxy in FF and use a normal PAT connection via
>> my Juniper firewall everything works perfectly on the same machine and I
>> can log in to the TechData website.
>> In the Squid access.log I can see only this:
>>
>> -----------------------------------------------------------------
>> 1500364995.497    140 10.48.22.33 TCP_MISS/302 735 GET http://intouch.techdata.com/intouch/Home.aspx? - HIER_DIRECT/192.230.78.204 text/html
>> -----------------------------------------------------------------
>>
>> I suspect some problems with redirection on the TechData website, but I spent
>> hours on the Internet trying to find a solution, unfortunately without success....
>> Maybe you can help me?
>>
>> Regards,
>> iziz1
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>>
>>
>>
> 
> 
> 
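An added example, not part of the original thread: a small Python model of how the `via` and `forwarded_for` values tried in this thread change the headers the origin server receives, following the behaviour described in the Squid documentation linked above. The proxy hostname, the helper names, and the assumption that a repeated directive overrides an earlier one are illustrative.

```python
# Added illustration (not Squid code): models the documented effect of the
# `via` and `forwarded_for` directives on the headers Squid sends upstream.
PROXY_ID = "1.1 proxy.example.internal (squid/3.5.20)"  # constructed hostname
DEFAULTS = {"via": "on", "forwarded_for": "on"}          # Squid 3.5 defaults


def effective_settings(conf_text):
    """Return the via/forwarded_for values in force (assumes last one wins)."""
    settings = dict(DEFAULTS)
    for line in conf_text.splitlines():
        parts = line.split("#", 1)[0].split()   # drop trailing comments
        if len(parts) >= 2 and parts[0] in settings:
            settings[parts[0]] = parts[1].lower()
    return settings


def upstream_headers(client_headers, client_ip, settings):
    """Headers the origin would see for a request from client_ip."""
    out = dict(client_headers)
    mode = settings["forwarded_for"]
    prior = out.get("X-Forwarded-For")
    if mode == "delete":
        out.pop("X-Forwarded-For", None)       # header stripped entirely
    elif mode == "truncate":
        out["X-Forwarded-For"] = client_ip     # earlier hops discarded
    elif mode in ("on", "off"):
        entry = client_ip if mode == "on" else "unknown"
        out["X-Forwarded-For"] = f"{prior}, {entry}" if prior else entry
    # "transparent": the header is passed through exactly as received
    if settings["via"] == "on":
        out["Via"] = f"{out['Via']}, {PROXY_ID}" if "Via" in out else PROXY_ID
    return out


# The three configurations discussed in the thread (directive lines only).
CONFIGS = {
    "default": "http_port 3128\n",
    "first suggestion": "forwarded_for delete\nvia off\n",
    "final": "via on\nforwarded_for transparent\n",
}

if __name__ == "__main__":
    request = {"Host": "intouch.techdata.com"}
    for name, conf in CONFIGS.items():
        sent = upstream_headers(request, "10.48.22.33", effective_settings(conf))
        print(f"{name:17} -> {sent}")
```

With the default configuration the internal client address from the access.log line (10.48.22.33) is disclosed to the origin in `X-Forwarded-For`; the final setting keeps `Via` but adds no client address.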

