[squid-users] CentOS6 and squid34 package ...
Walter H.
Walter.H at mathemainzel.info
Thu May 25 08:19:00 UTC 2017
Hello
what is the essential difference between the default squid package and
this squid34 package,
as I have problems using this squid34 package for FTP connections;
there are no shown icons, when going to e.g. ftp://ftp.adobe.com/
when I tell the browser to show the image then I get this squid
generated message ...
the same config /etc/squid/squid.conf works with the default squid
package ...
<message>
While trying to retrieve the URL:
http://proxy.local:3128/squid-internal-static/icons/silk/folder.png
<http://zbox-ci323.waldinet.local:3128/squid-internal-static/icons/silk/folder.png>
The following error was encountered:
* *Access Denied. *
Access control configuration prevents your request from being allowed at
this time.
Please contact your service provider if you feel this is incorrect.
Your cache administrator is ...
------------------------------------------------------------------------
Generated Thu, 25 May 2017 06:50:02 GMT by proxy.local (squid/3.4.14)
</message>
has anybody the hint for me, what is wrong ..., here is the
/etc/squid/squid.conf
<squid.conf>
acl localnet src 192.168.1.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access deny to_localhost
http_access allow localnet
http_access allow localhost
http_access deny all
http_reply_access allow all
http_port 3128
cache_dir ufs /var/spool/squid 16400 16 256
coredump_dir /var/spool/squid
nonhierarchical_direct off
visible_hostname proxy.local
unique_hostname proxy.local
forwarded_for off
cache_mem 2560 MB
icon_directory /usr/share/squid/icons
error_directory /etc/squid/errors
as_whois_server whois.ra.net
logformat combined %>A %[ui %[un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st
"%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log /var/log/squid/access.log combined
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
</squid.conf>
the same host has a running apache, where host proxy.local is a password
protected web, which has the folling
for port 80
<virt. host>
RewriteCond %{HTTP_HOST} ^proxy\.local(:80)?$ [NC]
RewriteRule ^/(.*)$ https://proxy.local/$1 [L,R=301]
</virt. host>
for port 443
<virt. host>
<Location />
AuthName Firewall/Router
AuthType Basic
AuthUserFile /var/www/passwrds
Require User admin
</Location>
</virt. host>
/var/log/squid/access.log has this ...
<squid log>
client - - [25/May/2017:08:50:02 +0200] "GET
http://proxy.local:3128/squid-internal-static/icons/silk/folder.png
HTTP/1.1" 403 1655 "ftp://ftp.adobe.com/" "UserAgent" TCP_DENIED:HIER_NONE
</squid log>
the apache doesn't log anything in connection with this ...
has anybody the hint for me, what is causing this?
Thanks,
Walter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170525/0fce6b1d/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3491 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170525/0fce6b1d/attachment-0001.bin>
More information about the squid-users
mailing list