Talk to the firehol group; squid probably hasn't anything to do with this.
Adrian
On Thu, Sep 13, 2007, Michael Harly wrote:
> Every thing working fin on our Debian firewall box
> we can access any utl with firefox, but we have block most url for using
> IE and only allow very few utl ie: microfost update
>
> but now we have to url we can't access
>
> Our firewall box is:
> Debian = 3.1
> firewall = firehol v.5
> proxy = squid v2.5
>
> when we connect our new office whey want to access to url that they need
> to access but was block by our firewall box but i can't fine any
> entry's about this url.
>
> I have put them in the allow list but nothing helps
>
> We can connect the url from the outside on our firewall
>
> In the syslog i get this
> Sep 13 09:23:48 worf kernel: OUT-unknown:IN= OUT=eth2 SRC=129.142.24.162
> DST=89.104.212.25 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=6700 DF PROTO=TCP
> SPT=59858 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
>
> In squid log I get:
> 2352524545.344 3495897 ip-adr TCP_miss/504 1422 get
> http://www.comendo.dk - none/ - text/html
>
> HTTP Error 504 - Gateway timeout
>
> please help!
>
> best regard
> /harly
>
> The error page I get in Firefox after a log time:
> ****
> ERROR
> The requested URL could not be retrieved
>
> While trying to retrieve the URL: http://www.comendo.dk/
>
> The following error was encountered:
>
> * Connection Failed
>
> The system returned:
>
> (110) Connection timed out
>
> The remote host or network may be down. Please try the request again.
>
> Your cache administrator is support@uniscrap.dk.
> Generated Thu, 13 Sep 2007 07:23:48 GMT by worf.mydomain.dk
> (squid/2.5.STABLE9)
>
> *********
-- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level bandwidth-capped VPSes available in WA -Received on Thu Sep 13 2007 - 04:43:35 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:02 MDT