Hi, and thanks that you answered my SOS call. ;-) Because I am an absolute newbe to squid, I feel totally overtaxed with this 48 pages long configuration file squid.conf.
A big please: ------------- Could you - please - leave me a modified one by eMail so that I can compare it with the old one line by line? What I need can be said in one sentence: All clients shall have no access problems to usual Internet web-services when PROXY is configured for http, https and ftp. If squid acts as cache or as a simple forwarder does not matter, but it should keep an updated log of all accessed files to allow analyzing which user downloaded which file(s), because WEB is a security hole (user could download executables/worms and bring in a virus hereby). Is there an easy possibility to block downloading of *.vbs/*.exe/... ? Your help will... a.) lead to an immediately working solution, and ... b.) give me the possibility to understand it better Thanks a lot in advance. My email address is: [EMAIL PROTECTED] Again, thanks for your first answer. On Mon, 15 Dec 2003, Muthukumar wrote: | > web server here: --> http://www.hantsch.co.at/_temp/av-squid.conf | > | > | >>>>>>>>>>>> | | I think the problem is on these lines as | | http_access allow manager localhost | http_access deny manager | .. | ... | #Allow ICP queries from eveyone | icp_access allow all | >>>> | http_access deny manager | After allowing the local hosts,It will block the cached object using the | HTTPS ports while accessing the page. | So access is denied.So the cache permission for the Safe_ports are denied.So | the pages using the Safe_ports(443-https) will not be cached. | The access is not denied to them. | | Check this changed one, | no_cache deny Safe_ports | http_access allow manager localhost | http_access deny !Safe_ports | http_access deny CONNECT !SSL_ports | http_access deny all | icp_access allow all | | It will work. | | Regards, | Muthukumar. | mfg Ing. Rainer Hantsch
