I'm not sure what I'm trying to describe.
This webcache proxy is not used for any security what so ever. We have other
filtering devices. This proxy is only designed to cache websites. For the
most part it is working well.
But, we have some users that try to access intranet sites vie a web console
and they get "access denied" from squid. I'm thinking that it is probably
that these intranet sites open up a port that is restricted by squid in some
way. I'm wanting to pass through all traffic on all ports for all client
computers who are accessing an ip address of 10.0.0.0. I want these sites
just get passed through the proxy without caching the data.
Here is my current squid.conf
http_port 3128
# acl QUERY urlpath_regex cgi-bin \? #Removed by Amos, suggested to speed up
web sites using media
cache_mem 512 MB # May need to set lower if I run low on RAM
maximum_object_size_in_memory 4096 KB #Increased by Amos, suggested to speed
up web sites using media
maximum_object_size 1 GB
cache_dir aufs /cache 500000 256 256
redirect_rewrites_host_header off
cache_replacement_policy lru
acl all src all
acl localnet src 10.60.0.0/255.255.0.0
acl localhost src 127.0.0.1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/8
acl Safe_ports port 80 443 210 119 70 21 1025-65535
acl SSL_Ports port 443
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_Ports
http_access allow localnet
http_access allow localhost
http_access deny all
icp_port 0
refresh_pattern \.jpg$ 3600 50% 60
refresh_pattern \.gif$ 3600 50% 60
refresh_pattern \.css$ 3600 50% 60
refresh_pattern \.js$ 3600 50% 60
refresh_pattern \.html$ 300 50% 10
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
access_log /var/log/squid/access.log squid
visible_hostname AHSPX01
-- View this message in context: http://www.nabble.com/how-do-I-pass-through-the-proxy-for-all-data-within-the-intranet-tp25995121p25995121.html Sent from the Squid - Users mailing list archive at Nabble.com.Received on Wed Oct 21 2009 - 15:44:45 MDT
This archive was generated by hypermail 2.2.0 : Thu Oct 22 2009 - 12:00:03 MDT