Hi, all, To start: Squid Cache: Version 2.5.STABLE2 configure options: --enable-async-io --enable-removal-policies=heap,lru --enable-snmp
(Yes, we're not "current", but we need to get this working to replace our current web filter before we work on upgrading and adding authentication.) RedHat 7.3 (Linux 2.4.20-20.7) (We are not yet using authentication, so I don't think Bug 592 applies.) We are having trouble setting up eSafe as a parent proxy. If we request something already cached from squid, it works. If we request something allowed directly, it works. When we try to force it through eSafe (never_direct allow all) - it breaks. If we take out the "never_direct allow all" it works, but doesn't seem to go through the eSafe filter. Whenever we add in the "never_direct allow all" directive, we get the following in the browser: ERROR The requested URL could not be retrieved ________________________________________________________________________ While trying to retrieve the URL: NONE://esafe.hcjb.org.ec:8080http://www.mail-archive.com/[EMAIL PROTECTED]/msg11590.html The following error was encountered: * Read Error The system returned: (104) Connection reset by peer An error condition occurred while reading data from the network. Please retry your request. Your cache administrator is webmaster. ________________________________________________________________________ Generated Thu, 22 Jan 2004 19:57:21 GMT by webfilter2.quito.hcjb.org.ec (squid/2.5.STABLE2) Is the following correct? Should I blame esafe and go after the problem there? http_port 8080 cache_peer esafe.hcjb.org.ec parent 8080 0 no-query default hierarchy_stoplist cgi-bin ? [snipped non-relevant lines] acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 9100 2095 2082 acl Safe_ports port 80 # http acl Safe_ports port 20-21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 554 # multiling http acl CONNECT method CONNECT acl adminuser src 10.129.134.4/30 acl adminuser src 10.129.129.12/30 acl internetenabled src 10.129.129.0/25 acl internetenabled src 10.129.130.0/24 acl internetenabled src 10.129.134.0/24 acl internetenabled src 10.129.184.0/24 acl internetenabled src 10.138.0.0/16 acl internetenabled src 10.139.0.0/16 acl internetenabled src 10.140.0.0/16 acl goodsites dstdomain .hcjb.org.ec acl goodsites dstdomain .hcjb.org acl goodsites dstdomain .nod32.com http_access allow manager localhost http_access allow manager adminuser http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny to_localhost http_access allow adminuser http_access allow localhost http_access allow all goodsites http_access allow internetenabled http_access deny all http_reply_access allow all icp_access allow all acl DSTlocalserversIP dst 10.129.130.0/24 acl DSTlocalserversIP dst 10.129.254.0/24 acl DSTlocalserversDMN dstdomain .hcjb.org.ec acl DSTlocalserversException dstdomain www.hcjb.org.ec always_direct deny DSTlocalserversException always_direct allow DSTlocalserversIP always_direct allow DSTlocalserversDMN never_direct allow all Thanks for any direction you can give us.
