[squid-users] Squid blocking 192.168.x.x
shieldfire at gmail.com
Fri Sep 27 10:52:16 UTC 2019
That was it. Somehow I was confused and thought that Safe_ports and
SSL_ports were kindof similar. I obviously need to be less confused and
"think" less (rather "know" more).
Thank you for you time and help!
Den fre 27 sep. 2019 kl 12:03 skrev Matus UHLAR - fantomas <
uhlar at fantomas.sk>:
> >> On 27/09/19 7:56 pm, Martin S wrote:
> >> > OK, did that
> >> >
> >> > # Example rule allowing access from your local networks.
> >> > # Adapt localnet in the ACL section to list your (internal) IP
> >> > # from where browsing should be allowed
> >> > http_access allow localnet
> >> > http_access allow localhost
> >> >
> >> > # And finally deny all other access to this proxy
> >> > http_access deny all
> >> >
> >> > I now noticed that it denies access through https.
> >Den fre 27 sep. 2019 kl 10:26 skrev Amos Jeffries <squid3 at treenet.co.nz>:
> >> What are you seeing that makes yo think that?
> >> The config shown with the above change made allows localnet clients to
> >> request https:// URLs through the proxy as well as http:// and the
> >> protocols.
> On 27.09.19 10:54, Martin S wrote:
> >Going to 1http://126.96.36.199:10000 now lets me access the page. However,
> >that page requires a https login. So, there is a link to
> >Clicking the link to go to the https site produces "The proxyserver denies
> >the connection".
> >Changing the internet connection to *not* use Squid, then I have no
> >problems accessing https://192.168.0.6:10000.
> 10000 (i assume webmin) is non-standard port from https point of view.
> within squid it must be allowed.
> acl SSL_ports port 10000
> However, if you can connect directly, you should do so (configure web
> browser to use direct connections to 192.168.*).
> It's possible that CONNECT ports over 1024 will be allowed but this must be
> discused and agreed on (unless such discussion was already done in the near
> past and the agreement was not made).
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Spam is for losers who can't get business any other way.
> squid-users mailing list
> squid-users at lists.squid-cache.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the squid-users