[squid-users] Squid - Can't visit (government site and Banking Site) - Please help

russel0901 osantosmyr at gmail.com
Fri Apr 24 21:09:03 UTC 2020


I am having a problem on my squid proxy

this settings is allow all but i can't visit sites like bancnetonline, rcbc,
philhealth (govt and bank site)

sometimes it can be visited, sometimes not... (weird???)

Please Help thank you.


here is my squid conf...

max_filedesc 4096
request_header_access X-Forwarded-For allow all
via off
httpd_suppress_version_string on

http_port 3333
icp_port 3535

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 32 MB
maximum_object_size 5480 KB
cache_dir ufs /home/squidcache 6000 16 256
#cache_dir ufs /home/squidcache2 6000 16 256
cache_access_log /home/squidcache/access.log
cache_log /dev/null
cache_store_log none
ftp_user Squid at mds.com.sg
dns_defnames on
request_body_max_size 10000 MB
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
negative_ttl 1 minute
negative_dns_ttl 5 minute
connect_timeout 60 minute
read_timeout 5 minute
request_timeout 60 second
client_lifetime 4 hour
half_closed_clients off
pconn_timeout 240 second
shutdown_lifetime 5 second
#acl localhost src 127.0.0.1/32 ::1
#acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl SSL_ports port 443 563 8003 8000 8080 8020 8021 8030 8031 8053 9053
acl Safe_ports port 80 81 88 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl PURGE method purge
acl manager proto cache_object
acl apache src 10.20.0.245

acl QUERY urlpath_regex -i owa
acl QUERY2 urlpath_regex cgi-bin \?
acl QUERY3 urlpath_regex -i php
acl dontcache dstdomain "/etc/squid/dontcache"
no_cache deny QUERY
no_cache deny QUERY2
no_cache deny QUERY3
always_direct allow dontcache


#allowed sites
acl blockedsites dstdomain "/etc/squid/blockedsites"
acl allowedsites dstdomain "/etc/squid/authorizedsites"
acl tahiti src 172.16.20.254/32
acl elmo src 10.20.0.254/32
acl mnlnet2 src "/etc/squid/authorized"


http_access allow dontcache
http_access allow manager apache
http_access allow all
http_access allow elmo
#http_access allow localhost
#http_access allow purge localhost
#http_access allow manager localhost
http_access allow mnlnet2
http_access allow tahiti
http_access deny !Safe_ports
#http_access deny manager
http_access deny CONNECT !SSL_ports
http_access deny purge
http_access deny blockedsites


#icp_access  allow  localhost
icp_access allow all
icp_access allow elmo
icp_access allow tahiti
icp_access allow mnlnet2
miss_access allow all

cache_mgr xxxxxx

cache_effective_user squid
cache_effective_group squid
visible_hostname xxxxxx
append_domain .globalsources.com
memory_pools off
log_icp_queries off
client_db off

check_hostnames off



--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html


More information about the squid-users mailing list