Squid - Squid Blocking Explicitly Allowed Site

This is Interesting: Free IT Magazines  
Home > Archive > Squid > May 2006 > Squid Blocking Explicitly Allowed Site





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Squid Blocking Explicitly Allowed Site
Mr V

2006-05-23, 1:14 pm

Hello,

I am trying to gt users in a group with limited internet access hit the
site www.holidayextras.co.uk. If I pass "all" for the appropriate group
I can hit it fine. If I include the site in a domains url list and
alllow the group to access this list via the squidguard.conf file the
site isn't reachable via the proxy. I have taken a closer look at the
site and can see it is pulling some javascript of www.hxtrack.com and
www.hxads.com. Thinking this was the cause of the problem I added these
urls to the domains urls list, but after restarting squid there was
still no joy.
I don't know why this site continues to be denied. Below are some
excepts from the squidguard.conf and access.log
The user groups come from active directory and are being updated to
squid with no problem. The authentication is working fine. It is just
this site so far that refuses to play.
Does anyone have any ideas what might be causing this block?
Thanks in advance

Mr V

>From squidguard.conf: travelok contains the correct url in a domains
file and a urls file. Other sites that are expressed there are working
fine and the sites that should be blocked are being blocked.

### Define your custom travel sites here
dest travelok {
logfile travelok.log

domainlist travelok/domains
urllist travelok/urls
}

dest dollonnet {
logfile DON.log

domainlist dollonnet/domains
}

### ACL definition
acl {
EURPrxyAdmin {
pass all
}
EURPrxyIT {
pass !adult !aggressive !artnudes !audio-video !beerliquorinfo
!beerliquorsale !chat !dialers !gambling !porn !redirector !spyware
!strong_redirector !violence !virusinfected !warez !weapons travel
whitelist all
redirect 302:http://eurhome/No_Access.html
}
EURPrxyTrav {
pass good travelok none
redirect 302:http://eurhome/No_Access.html
}
default {
pass good none
redirect 302:http://eurhome/No_Access.html
}
========================================
=================
Also see below the difference in group membership taking effect via
access.log

User as a member of EurPrxyTrav trying to get through to the same site.
The url should be allowed.



1148293669.419 0 10.128.5.56 TCP_DENIED/407 1730 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148293669.424 1 10.128.5.56 TCP_DENIED/407 1734 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148293669.440 15 10.128.5.56 TCP_MISS/000 221 GET
http://www.holidayextras.co.uk/ ASR\PROXYTESTUSER NONE/- -

1148293678.235 1 10.128.5.56 TCP_DENIED/407 1730 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148293678.241 1 10.128.5.56 TCP_DENIED/407 1734 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148293678.244 3 10.128.5.56 TCP_MISS/000 221 GET
http://www.holidayextras.co.uk/ ASR\PROXYTESTUSER NONE/- -



User hitting www.holidayextras.co.uk as member of EurPrxyAdmin having
"all" in squidguard.conf

=============================

1148295586.607 3 10.128.5.2 TCP_DENIED/407 1730 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148295586.609 0 10.128.5.2 TCP_DENIED/407 1734 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148295588.686 0 10.128.5.2 TCP_DENIED/407 1853 GET
http://www.holidayextras.co.uk/styl...-homepage-1.css
- NONE/- text/html

1148295588.690 1 10.128.5.2 TCP_DENIED/407 1857 GET
http://www.holidayextras.co.uk/styl...-homepage-1.css
- NONE/- text/html

1148295589.341 651 10.128.5.2 TCP_REFRESH_MISS/200 14410 GET
http://www.holidayextras.co.uk/styl...-homepage-1.css
ASR\GHINDSON DIRECT/194.200.64.12 text/css

1148295589.585 242 10.128.5.2 TCP_REFRESH_HIT/304 197 GET
http://www.holidayextras.co.uk/java...seo-live_rv2.js
ASR\GHINDSON DIRECT/194.200.64.12 -

1148295589.854 269 10.128.5.2 TCP_REFRESH_HIT/304 196 GET
http://www.holidayextras.co.uk/stylesheet/iemenu.css ASR\GHINDSON
DIRECT/194.200.64.12 -

1148295589.884 0 10.128.5.2 TCP_DENIED/407 1694 CONNECT
www.hxtrack.com:443 - NONE/- text/html

1148295589.886 0 10.128.5.2 TCP_DENIED/407 1698 CONNECT
www.hxtrack.com:443 - NONE/- text/html

1148295590.851 4241 10.128.5.2 TCP_MISS/200 73844 GET
http://www.holidayextras.co.uk/ ASR\GHINDSON DIRECT/80.1.94.12
text/html

1148295593.742 3857 10.128.5.2 TCP_MISS/200 3072 CONNECT
www.hxtrack.com:443 ASR\GHINDSON DIRECT/80.1.94.202 -

1148295593.766 0 10.128.5.2 TCP_DENIED/407 1694 CONNECT
www.hxtrack.com:443 - NONE/- text/html

1148295593.768 0 10.128.5.2 TCP_DENIED/407 1698 CONNECT
www.hxtrack.com:443 - NONE/- text/html

1148295593.801 0 10.128.5.2 TCP_DENIED/407 1829 GET
http://www.holidayextras.co.uk/imag...-best-price.gif -
NONE/- text/html

1148295593.804 0 10.128.5.2 TCP_DENIED/407 1833 GET
http://www.holidayextras.co.uk/imag...-best-price.gif -
NONE/- text/html

1148295593.879 0 10.128.5.2 TCP_DENIED/407 1727 GET
http://www.hxads.com/adjs.php? - NONE/- text/html

1148295593.882 0 10.128.5.2 TCP_DENIED/407 1731 GET
http://www.hxads.com/adjs.php? - NONE/- text/html

1148295594.109 338 10.128.5.2 TCP_REFRESH_MISS/200 1161 GET
http://www.holidayextras.co.uk/imag...ages/header.gif ASR\GHINDSON
DIRECT/194.200.64.12 image/gif

1148295594.593 789 10.128.5.2 TCP_REFRESH_HIT/200 6375 GET
http://www.holidayextras.co.uk/imag...-best-price.gif
ASR\GHINDSON DIRECT/80.1.94.12 image/gif

1148295595.203 1435 10.128.5.2 TCP_MISS/200 699 CONNECT
www.hxtrack.com:443 ASR\GHINDSON DIRECT/194.200.64.202 -

1148295595.511 1629 10.128.5.2 TCP_MISS/200 1552 GET
http://www.hxads.com/adjs.php? ASR\GHINDSON DIRECT/80.1.94.201
application/x-javascript

1148295595.620 0 10.128.5.2 TCP_DENIED/407 1814 GET
http://www.holidayextras.co.uk/imag...es/ipod_new.gif - NONE/-
text/html

1148295595.622 0 10.128.5.2 TCP_DENIED/407 1818 GET
http://www.holidayextras.co.uk/imag...es/ipod_new.gif - NONE/-
text/html

1148295595.679 0 10.128.5.2 TCP_DENIED/407 1790 GET
http://www.holidayextras.co.uk/javascript/hxmenu.js - NONE/- text/html

1148295595.683 0 10.128.5.2 TCP_DENIED/407 1794 GET
http://www.holidayextras.co.uk/javascript/hxmenu.js - NONE/- text/html

1148295595.684 172 10.128.5.2 TCP_REFRESH_HIT/304 197 GET
http://www.holidayextras.co.uk/home...king-banner.gif
ASR\GHINDSON DIRECT/194.200.64.12 -

1148295595.715 91 10.128.5.2 TCP_REFRESH_HIT/304 196 GET
http://www.holidayextras.co.uk/imag...es/ipod_new.gif
ASR\GHINDSON DIRECT/194.200.64.12 -

1148295595.753 69 10.128.5.2 TCP_REFRESH_HIT/304 196 GET
http://www.holidayextras.co.uk/javascript/hxmenu.js ASR\GHINDSON
DIRECT/194.200.64.12 -

1148295595.865 64 10.128.5.2 TCP_REFRESH_HIT/304 195 GET
http://www.holidayextras.co.uk/imag...etafaq_mark.gif
ASR\GHINDSON DIRECT/194.200.64.12 -

1148295595.951 197 10.128.5.2 TCP_REFRESH_MISS/200 3769 GET
http://www.holidayextras.co.uk/imag...ges/hx-logo.gif ASR\GHINDSON
DIRECT/194.200.64.12 image/gif

1148295597.345 1748 10.128.5.2 TCP_MISS/200 413 GET
http://www.hxads.com/adlog.php? ASR\GHINDSON DIRECT/80.1.94.201
image/gif

Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com