I have recently made some changes to the squid cache at the school that I'm the sysadmin for, and it has come to my attention that MSN messenger no longer works. MSN is only used by about half a dozen staff members, and usually from the same pc's, all with fixed IP addresses.
The changes I made were as follows: - Implementing DansGuardian to provide content filtering - Implementing proxy password authentication for tighter 'who's doing what' type logging No firewall changes were made. MSN used to 'just work' - it didnt need any proxy information set, and would just connect out to the internet. I'm not sure what of the above has caused this, but it may be DansGuardian. It listens on the port the proxy used to (8080), and redirects requests through the cache, which listens only on port 3128 on the same machine as dansguardian - access to this cache via other machines is therefore not possible. I have played around with some acl rules trying to get squid to allow msn for only certain hosts, but I dont seem to be having any luck. I suspect that it may be that MSN is getting caught in DansGuardian somewhere and not being passed through to the proxy. Here are the acl and http_access rules from my squid.conf. If you need anything other than this, let me know and I will provide. acl users proxy_auth REQUIRED acl localhost src 127.0.0.1/255.55.255.255 acl all src 0.0.0.0/0.0.0.0 acl msn_hosts src 127.0.0.1 10.0.0.47 10.0.0.92 10.0.0.202 10.0.0.203 10.0.0.204 acl SSL_ports port 443 563 acl CONNECT method CONNECT I put in 127.0.0.1 as the proxy sees all requests as coming from localhost. The other IP's are now redundant, but this will then allow MSN to work for everyone. http_access allow msn_hosts all http_access allow users http_access deny all http_access deny CONNECT !SSL_ports There are no proxy settings set in MSN, which is what I would prefer to have but isnt required. An excerpt from the squid access log for what happens when I try to connect: 1080185050.589 5713 127.0.0.0 TCP_MISS/200 300 POST http://gateway.messenger.hotmail.com/gateway/gateway.dll? - DIRECT/207.46.104.20 application/x-msn-messenger If you want any more info please let me know. I'm quite desparate to get this working ASAP! Thanks in advance, Tom Anderson
