Squid Blocking Explicitly Allowed Site

Web Server Talk > Web Servers reviews > Squid > Squid Blocking Explicitly Allowed Site
Last Thread Next Thread Next
Squid Blocking Explicitly Allowed Site
Mr V
05-23-06 06:14 PM
Hello,

I am trying to gt users in a group with limited internet access hit the
site www.holidayextras.co.uk. If I pass "all" for the appropriate group
I can hit it fine. If I include the site in a domains url list and
alllow the group to access this list via the squidguard.conf file the
site isn't reachable via the proxy. I have taken a closer look at the
site and can see it is pulling some javascript of www.hxtrack.com and
www.hxads.com. Thinking this was the cause of the problem I added these
urls to the domains urls list, but after restarting squid there was
still no joy.
I don't know why this site continues to be denied. Below are some
excepts from the squidguard.conf and access.log
The user groups come from active directory and are being updated to
squid with no problem. The authentication is working fine. It is just
this site so far that refuses to play.
Does anyone have any ideas what might be causing this block?
Thanks in advance

Mr V

>From squidguard.conf: travelok contains the correct url in a domains
file and a urls file. Other sites that are expressed there are working
fine and the sites that should be blocked are being blocked.

### Define your custom travel sites here
dest travelok {
logfile	travelok.log

domainlist      travelok/domains
urllist		travelok/urls
}

dest dollonnet {
logfile DON.log

domainlist	dollonnet/domains
}

### ACL definition
acl {
EURPrxyAdmin	{
pass	all
}
EURPrxyIT {
pass !adult !aggressive !artnudes !audio-video !beerliquorinfo
!beerliquorsale !chat !dialers !gambling !porn !redirector !spyware
!strong_redirector !violence !virusinfected !warez !weapons travel
whitelist all
redirect 302:http://eurhome/No_Access.html
}
EURPrxyTrav {
pass good travelok none
redirect 302:http://eurhome/No_Access.html
}
default {
pass good none
redirect 302:http://eurhome/No_Access.html
}
 ========================================
=================
Also see below the difference in group membership taking effect via
access.log

User as a member of EurPrxyTrav trying to get through to the same site.
The url should be allowed.



1148293669.419      0 10.128.5.56 TCP_DENIED/407 1730 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148293669.424      1 10.128.5.56 TCP_DENIED/407 1734 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148293669.440     15 10.128.5.56 TCP_MISS/000 221 GET
http://www.holidayextras.co.uk/ ASR\PROXYTESTUSER NONE/- -

1148293678.235      1 10.128.5.56 TCP_DENIED/407 1730 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148293678.241      1 10.128.5.56 TCP_DENIED/407 1734 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148293678.244      3 10.128.5.56 TCP_MISS/000 221 GET
http://www.holidayextras.co.uk/ ASR\PROXYTESTUSER NONE/- -



User hitting www.holidayextras.co.uk as member of EurPrxyAdmin having
"all" in squidguard.conf

=============================

1148295586.607      3 10.128.5.2 TCP_DENIED/407 1730 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148295586.609      0 10.128.5.2 TCP_DENIED/407 1734 GET
http://www.holidayextras.co.uk/ - NONE/- text/html

1148295588.686      0 10.128.5.2 TCP_DENIED/407 1853 GET
http://www.holidayextras.co.uk/styl...-homepage-1.css
- NONE/- text/html

1148295588.690      1 10.128.5.2 TCP_DENIED/407 1857 GET
http://www.holidayextras.co.uk/styl...-homepage-1.css
- NONE/- text/html

1148295589.341    651 10.128.5.2 TCP_REFRESH_MISS/200 14410 GET
http://www.holidayextras.co.uk/styl...-homepage-1.css
ASR\GHINDSON DIRECT/194.200.64.12 text/css

1148295589.585    242 10.128.5.2 TCP_REFRESH_HIT/304 197 GET
http://www.holidayextras.co.uk/java...seo-live_rv2.js
ASR\GHINDSON DIRECT/194.200.64.12 -

1148295589.854    269 10.128.5.2 TCP_REFRESH_HIT/304 196 GET
http://www.holidayextras.co.uk/stylesheet/iemenu.css ASR\GHINDSON
DIRECT/194.200.64.12 -

1148295589.884      0 10.128.5.2 TCP_DENIED/407 1694 CONNECT
www.hxtrack.com:443 - NONE/- text/html

1148295589.886      0 10.128.5.2 TCP_DENIED/407 1698 CONNECT
www.hxtrack.com:443 - NONE/- text/html

1148295590.851   4241 10.128.5.2 TCP_MISS/200 73844 GET
http://www.holidayextras.co.uk/ ASR\GHINDSON DIRECT/80.1.94.12
text/html

1148295593.742   3857 10.128.5.2 TCP_MISS/200 3072 CONNECT
www.hxtrack.com:443 ASR\GHINDSON DIRECT/80.1.94.202 -

1148295593.766      0 10.128.5.2 TCP_DENIED/407 1694 CONNECT
www.hxtrack.com:443 - NONE/- text/html

1148295593.768      0 10.128.5.2 TCP_DENIED/407 1698 CONNECT
www.hxtrack.com:443 - NONE/- text/html

1148295593.801      0 10.128.5.2 TCP_DENIED/407 1829 GET
http://www.holidayextras.co.uk/imag...-best-price.gif -
NONE/- text/html

1148295593.804      0 10.128.5.2 TCP_DENIED/407 1833 GET
http://www.holidayextras.co.uk/imag...-best-price.gif -
NONE/- text/html

1148295593.879      0 10.128.5.2 TCP_DENIED/407 1727 GET
http://www.hxads.com/adjs.php? - NONE/- text/html

1148295593.882      0 10.128.5.2 TCP_DENIED/407 1731 GET
http://www.hxads.com/adjs.php? - NONE/- text/html

1148295594.109    338 10.128.5.2 TCP_REFRESH_MISS/200 1161 GET
http://www.holidayextras.co.uk/imag...ages/header.gif ASR\GHINDSON
DIRECT/194.200.64.12 image/gif

1148295594.593    789 10.128.5.2 TCP_REFRESH_HIT/200 6375 GET
http://www.holidayextras.co.uk/imag...-best-price.gif
ASR\GHINDSON DIRECT/80.1.94.12 image/gif

1148295595.203   1435 10.128.5.2 TCP_MISS/200 699 CONNECT
www.hxtrack.com:443 ASR\GHINDSON DIRECT/194.200.64.202 -

1148295595.511   1629 10.128.5.2 TCP_MISS/200 1552 GET
http://www.hxads.com/adjs.php? ASR\GHINDSON DIRECT/80.1.94.201
application/x-javascript

1148295595.620      0 10.128.5.2 TCP_DENIED/407 1814 GET
http://www.holidayextras.co.uk/imag...es/ipod_new.gif - NONE/-
text/html

1148295595.622      0 10.128.5.2 TCP_DENIED/407 1818 GET
http://www.holidayextras.co.uk/imag...es/ipod_new.gif - NONE/-
text/html

1148295595.679      0 10.128.5.2 TCP_DENIED/407 1790 GET
http://www.holidayextras.co.uk/javascript/hxmenu.js - NONE/- text/html

1148295595.683      0 10.128.5.2 TCP_DENIED/407 1794 GET
http://www.holidayextras.co.uk/javascript/hxmenu.js - NONE/- text/html

1148295595.684    172 10.128.5.2 TCP_REFRESH_HIT/304 197 GET
http://www.holidayextras.co.uk/home...king-banner.gif
ASR\GHINDSON DIRECT/194.200.64.12 -

1148295595.715     91 10.128.5.2 TCP_REFRESH_HIT/304 196 GET
http://www.holidayextras.co.uk/imag...es/ipod_new.gif
ASR\GHINDSON DIRECT/194.200.64.12 -

1148295595.753     69 10.128.5.2 TCP_REFRESH_HIT/304 196 GET
http://www.holidayextras.co.uk/javascript/hxmenu.js ASR\GHINDSON
DIRECT/194.200.64.12 -

1148295595.865     64 10.128.5.2 TCP_REFRESH_HIT/304 195 GET
http://www.holidayextras.co.uk/imag...etafaq_mark.gif
ASR\GHINDSON DIRECT/194.200.64.12 -

1148295595.951    197 10.128.5.2 TCP_REFRESH_MISS/200 3769 GET
http://www.holidayextras.co.uk/imag...ges/hx-logo.gif ASR\GHINDSON
DIRECT/194.200.64.12 image/gif

1148295597.345   1748 10.128.5.2 TCP_MISS/200 413 GET
http://www.hxads.com/adlog.php? ASR\GHINDSON DIRECT/80.1.94.201
image/gif
[ Post a follow-up to this message ]