<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
-----BEGIN PGP SIGNED MESSAGE----- <br>
Hash: SHA256 <br>
<br>
You haven't permissive rule for localnet.<br>
<br>
<br>
03.08.2016 22:53, Harsha S Aryan пишет:<br>
<span style="white-space: pre;">><br>
> ---------- Forwarded message ----------<br>
> From: *Harsha S Aryan* <<a class="moz-txt-link-abbreviated" href="mailto:harsha.s.aryan@gmail.com">harsha.s.aryan@gmail.com</a>
<a class="moz-txt-link-rfc2396E" href="mailto:harsha.s.aryan@gmail.com"><mailto:harsha.s.aryan@gmail.com></a>><br>
> Date: Wed, Aug 3, 2016 at 10:22 PM<br>
> Subject: All website getting Blocked<br>
> To: <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a>
<a class="moz-txt-link-rfc2396E" href="mailto:squid-users@lists.squid-cache.org"><mailto:squid-users@lists.squid-cache.org></a><br>
><br>
><br>
> Hi,<br>
><br>
> All website getting Blocked <br>
> using squid3<br>
> ubuntu 14.04<br>
> Squid Cache: Version 3.3.8<br>
><br>
><br>
> conf file <br>
><br>
><br>
> auth_param basic children 5<br>
> auth_param basic realm Squid proxy-caching web server<br>
> auth_param basic credentialsttl 2 hours<br>
> auth_param basic casesensitive off<br>
> acl allowed_sites dstdomain "/etc/squid3/Allowed_Sites.txt"<br>
> acl blocked_ip src "/etc/squid3/Blocked_Ip.txt"<br>
> acl allowed_ip dst "/etc/squid3/Allowed_Ip.txt"<br>
> acl allcomputers src 192.168.1.0/255.255.255.0
<a class="moz-txt-link-rfc2396E" href="http://192.168.1.0/255.255.255.0"><http://192.168.1.0/255.255.255.0></a><br>
> acl allcomputers src 192.168.2.0/255.255.255.0
<a class="moz-txt-link-rfc2396E" href="http://192.168.2.0/255.255.255.0"><http://192.168.2.0/255.255.255.0></a><br>
> acl all_others dst 0.0.0.0/0.0.0.0
<a class="moz-txt-link-rfc2396E" href="http://0.0.0.0/0.0.0.0"><http://0.0.0.0/0.0.0.0></a><br>
> acl localnet src 10.0.0.0/8 <a class="moz-txt-link-rfc2396E" href="http://10.0.0.0/8"><http://10.0.0.0/8></a> #
RFC1918 possible internal network<br>
> acl localnet src 172.16.0.0/12 <a class="moz-txt-link-rfc2396E" href="http://172.16.0.0/12"><http://172.16.0.0/12></a>
# RFC1918 possible internal network<br>
> acl localnet src 192.168.0.0/16 <a class="moz-txt-link-rfc2396E" href="http://192.168.0.0/16"><http://192.168.0.0/16></a>
# RFC1918 possible internal network<br>
> acl all src all<br>
> acl localhost src 127.0.0.1/32 <a class="moz-txt-link-rfc2396E" href="http://127.0.0.1/32"><http://127.0.0.1/32></a><br>
> acl to_localhost dst 127.0.0.0/8 <a class="moz-txt-link-rfc2396E" href="http://127.0.0.0/8"><http://127.0.0.0/8></a><br>
> acl SSL_ports port 443<br>
> acl Safe_ports port 80 # http<br>
> acl Safe_ports port 21 # ftp<br>
> acl Safe_ports port 443 # https<br>
> acl Safe_ports port 70 # gopher<br>
> acl Safe_ports port 210 # wais<br>
> acl Safe_ports port 1025-65535 # unregistered ports<br>
> acl Safe_ports port 280 # http-mgmt<br>
> acl Safe_ports port 488 # gss-http<br>
> acl Safe_ports port 591 # filemaker<br>
> acl Safe_ports port 777 # multiling http<br>
> acl CONNECT method CONNECT<br>
> http_access deny !Safe_ports<br>
> http_access deny CONNECT !SSL_ports<br>
> http_access allow localhost manager<br>
> http_access deny manager<br>
> http_access allow localhost</span><br>
Add this here:<br>
http_access allow localnet<br>
and reconfigure. That's all.<br>
<span style="white-space: pre;">> http_access deny all<br>
> http_port 3128<br>
> http_port 80 vhost<br>
> hierarchy_stoplist cgi-bin ?<br>
> access_log /var/log/squid3/access.log squid<br>
> refresh_pattern ^ftp: 1440 20% 10080<br>
> refresh_pattern ^gopher: 1440 0% 1440<br>
> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0<br>
> refresh_pattern (Release|Package(.gz)*)$ 0
20% 2880<br>
> refresh_pattern \.js$ 1440 0% 4320<br>
> refresh_pattern \.(PNG|png)$ 1440 0% 4320<br>
> refresh_pattern . 0 20% 4320<br>
> acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]<br>
> upgrade_http0.9 deny shoutcast<br>
> acl apache rep_header Server ^Apache<br>
> broken_vary_encoding allow apache<br>
> extension_methods REPORT MERGE MKACTIVITY CHECKOUT<br>
> hosts_file /etc/hosts<br>
> coredump_dir /var/spool/squid3<br>
><br>
> Please let me know if anything is missing<br>
><br>
> -- <br>
> Rehards,<br>
> Harsha <br>
><br>
><br>
><br>
> -- <br>
> Rehards,<br>
> Harsha <br>
><br>
><br>
> _______________________________________________<br>
> squid-users mailing list<br>
> <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
> <a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a></span><br>
<br>
-----BEGIN PGP SIGNATURE-----
<br>
Version: GnuPG v2
<br>
<br>
iQEcBAEBCAAGBQJXoicGAAoJENNXIZxhPexGCbIIAJt8ndstXmvXchMIuR0YgEuO
<br>
1B/lA3DY/fR14udGm8BvNtTn2V103Ch8WH97NZ0Rxm11cYZvauQ8OnkHE53aZ9Uk
<br>
J4qVVYBbidLERwRIZQQr559qyYPTZV8khNhSRNJXD1r2Vdl0vJsybIe1IW8D6v33
<br>
aVPQN2tScT4bdDFCDOYN++6Cm+uT+eU8eSR5N56qJg+t4CmQxcEPFGgqHFVP/59c
<br>
i2lVDF7vTcmsMif/HbqUx3fxHa6H6dYliaycmRVHEbApjtwT/TqFGuJsC+PTtjPH
<br>
FHApEXDfZycJh69iVVfJstfTj8yrHpe96EYOCxVdOKc6+tN1XMH2wqflkjALMeM=
<br>
=K5gg
<br>
-----END PGP SIGNATURE-----
<br>
<br>
</body>
</html>