RE: [squid-users] squid as firewall/redirector and windowsupdate from Matt Ashfield on 2005-07-28 (squid-users)

From: Matt Ashfield <mda@dont-contact.us>
Date: Thu, 28 Jul 2005 11:46:40 -0300

I can get to windowsupdate and Microsoft. The problem I believe is getting
to the https portion of windowsupdate. What should I include in my iptables
rules to allow this to happen? Obviously I redirect all traffic destined to
port 80 to port 3128, but should I also do the same for port 443 requests as
well?

Cheers

Matt

-----Original Message-----
From: Brett Lymn [mailto:blymn@baesystems.com.au]
Sent: July 27, 2005 9:16 PM
To: Matt Ashfield
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] squid as firewall/redirector and windowsupdate

On Wed, Jul 27, 2005 at 11:25:10AM -0300, Matt Ashfield wrote:
>
> This does not work as the windowsupdate process fails part-way through. Is
> there a complete list or better way to do this?
>

This works for us:

acl WindowsUpdate dstdomain .windowsupdate.com
acl WindowsUpdate dstdomain .microsoft.com

Then use that acl to bypass the redirector.

-- 
Brett Lymn

Received on Thu Jul 28 2005 - 08:46:52 MDT

This archive was generated by hypermail pre-2.1.9 : Mon Aug 01 2005 - 12:00:03 MDT