On Mon, 10 Jan 2005, Diamond King wrote:
I`ve checked the configuration file and it seems that only port 443 and 563 were connected to SSL_Ports acl rule.
You then have some error in your http_access rules, allowing things you did not intend to allow.
192.168.25.220 - - [10/Jan/2005:11:24:38 +0800] "CONNECT 213.103.81.214:3518 HTTP/1.0" 200 223 TCP_MISS:DIRECT
What's the usage of port 563 anyway?
nntps, NNTP over SSL. Supported by many browsers and is why it is in the default allowed list.
By the way, any other way to check what exactly those logs for? is it attempt by kazaa users? Thanks again!
If you are lucky then a meaningful user-agent string is included.. visible if you enable log_mime_hdrs. But most likely this is blank or forged.
Regards Henrik
