Find the answer to your Linux question:
Results 1 to 4 of 4
hi all, i am using OpenSUSE 11.4, at my office. and i m configuring /etc/squid/squid.conf. i don't want to configure client's browsers settings there is around 120 computers. with two ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Oct 2011
    Location
    India
    Posts
    2

    Unhappy squid http_access deny not working


    hi all, i am using OpenSUSE 11.4, at my office. and i m configuring /etc/squid/squid.conf.

    i don't want to configure client's browsers settings there is around 120 computers.

    with two eth0 192.168.0.59 and eth1 10.230.1.1 and another server FTP server 192.168.0.60.

    i want to block some badsites and tried too but i couldn't. and client are able to access all the sites. but not able to access my FTP server at 192.168.0.60.

    this is my configured file.

    acl all src all
    acl manager proto cache_object
    acl localhost src 192.168.0.59/255.255.255.0
    acl to_localhost dst 10.230.0.0/255.0.0.0
    acl localnet src 192.168.0.59/255.255.255.0
    acl localnet src 10.230.1.1/255.255.255.0
    acl SSL_ports port 443
    acl Safe_ports port 80
    acl Safe_ports port 21
    acl Safe_ports port 443
    acl Safe_ports port 70
    acl Safe_ports port 210
    acl Safe_ports port 1025-65535
    acl Safe_ports port 280
    acl Safe_ports port 488
    acl Safe_ports port 591
    acl Safe_ports port 777
    acl CONNECT method CONNECT
    acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
    acl apache rep_header Server ^Apache
    acl dom dstdomain .google.co CONNECT
    acl destination dst 10.230.1.0/255.0.0.0
    acl localhost src 10.230.1.0/255.0.0.0
    acl badsites1 dstdomain .hotmail.com
    acl badsites2 srcdomain .hotmail.com

    http_access deny manager
    http_access allow Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localnet
    http_access allow localhost
    http_access allow to_localhost
    http_access allow all CONNECT
    http_access deny all
    http_access allow destination
    http_access allow localhost
    http_access deny badsites1 badsites2
    http_access allow all

    and how to use iptables in suse.

    plzz reply....

  2. #2
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    Is proxy running transparently?
    Code:
    http_port 3128 transparent
    You use iptables like any other distro uses iptables. What are your current IP tables settings?
    Code:
    iptables -L -v
    linux user # 503963

  3. #3
    Just Joined!
    Join Date
    Oct 2011
    Location
    India
    Posts
    2
    I didn't any iptables settings...i don't knw hw cud i do that in OpenSuse11.4..:'(

    as i try to start service of iptables but it said .."There is no such service like iptables.."

  4. #4
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    Code:
    # iptables -L -v
    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination
    
    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination
    
    Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination
    If you see something like that, then you are not doing any of the required routing via NAT to direct your traffic to the proxy in the first place.
    linux user # 503963

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •