[squid-users] CentOS6 and squid34 package ...

Walter H. Walter.H at mathemainzel.info
Thu May 25 08:19:00 UTC 2017


Hello

what is the essential difference between the default squid package and 
this squid34 package,
as I have problems using this squid34 package for FTP connections;
there are no shown icons, when going to e.g. ftp://ftp.adobe.com/
when I tell the browser to show the image then I get this squid 
generated message ...

the same config /etc/squid/squid.conf works with the default squid 
package ...

<message>
While trying to retrieve the URL: 
http://proxy.local:3128/squid-internal-static/icons/silk/folder.png 
<http://zbox-ci323.waldinet.local:3128/squid-internal-static/icons/silk/folder.png> 


The following error was encountered:

  * *Access Denied. *

Access control configuration prevents your request from being allowed at 
this time.
Please contact your service provider if you feel this is incorrect.

Your cache administrator is ...

------------------------------------------------------------------------
Generated Thu, 25 May 2017 06:50:02 GMT by proxy.local (squid/3.4.14)

</message>

has anybody the hint for me, what is wrong ..., here is the 
/etc/squid/squid.conf

<squid.conf>
acl localnet src 192.168.1.0/24

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access deny to_localhost
http_access allow localnet
http_access allow localhost
http_access deny all
http_reply_access allow all

http_port 3128

cache_dir ufs /var/spool/squid 16400 16 256
coredump_dir /var/spool/squid

nonhierarchical_direct off

visible_hostname proxy.local
unique_hostname proxy.local

forwarded_for off
cache_mem 2560 MB

icon_directory /usr/share/squid/icons
error_directory /etc/squid/errors

as_whois_server whois.ra.net

logformat combined %>A %[ui %[un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st 
"%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log /var/log/squid/access.log combined

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320
</squid.conf>

the same host has a running apache, where host proxy.local is a password 
protected web, which has the folling

for port 80
<virt. host>
RewriteCond %{HTTP_HOST} ^proxy\.local(:80)?$ [NC]
RewriteRule ^/(.*)$ https://proxy.local/$1 [L,R=301]
</virt. host>

for port 443
<virt. host>
<Location />
         AuthName Firewall/Router
         AuthType Basic
         AuthUserFile /var/www/passwrds
         Require User admin
</Location>
</virt. host>

/var/log/squid/access.log has this ...
<squid log>
client - - [25/May/2017:08:50:02 +0200] "GET 
http://proxy.local:3128/squid-internal-static/icons/silk/folder.png 
HTTP/1.1" 403 1655 "ftp://ftp.adobe.com/" "UserAgent" TCP_DENIED:HIER_NONE
</squid log>

the apache doesn't log anything in connection with this ...

has anybody the hint for me, what is causing this?

Thanks,
Walter

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170525/0fce6b1d/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3491 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170525/0fce6b1d/attachment-0001.bin>


More information about the squid-users mailing list