Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 23 November 2024, 12:37:55 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14258 Posts in 4377 Topics by 6516 Members
Latest Member: DaveH
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  One site blocked, although added to exceptions in Proxy and HTTP Antivirus
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: One site blocked, although added to exceptions in Proxy and HTTP Antivirus  (Read 22940 times)
bart
Jr. Member
*
Offline Offline

Posts: 3


« on: Friday 22 June 2012, 05:03:20 pm »

Hello, please i would like to ask you for a help.

Our users need to accessing one site and they obtain error message:
----
ERROR
The requested URL could not be retrieved
While trying to retrieve the URL:  http//www(dot)szpi.gov.cz/
The following error was encountered:
Access Denied.

Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
Your cache administrator is admin
----
Wanted site szpi.cz, browsed from outside network is accessible.
Wanted site szpi.cz is somehow redirected to volny.cz/cub/szpi.htm and then ends on url:  szpi.gov.cz.

We have trouble to access this site, although we put exception all three urls to:
proxy ->  access policy -> policy unfiltered access (allowed to )  ---> domains of destination 
these domains were added (with dot before url) .szpi.gov.cz and even (without dot before) szpi.gov.cz, ... and same with .volny.cz and .szpi.cz (domains were added one domain per line without commas or something at end of a line)
Rule of unfiltered access is allowed for any agents, for any users and itīs on first possition at access policy list and itīs enabled.  

It didnīt helped us, so for sure we added these urls to:  proxy ---->  HTTP antivirus ---->field: Do not scan the following URLs
There were all urls added one per line ... in format http//domain and also without http before domain name.

Although exceptions are added, site is still blocked and in Web Proxy log i see:

192.168.123.456 TCP_MISS/302 495 GET http//www(dot)szpi.cz/ - DIRECT/217.198.116.188 text/html
192.168.123.456 TCP_MISS/304 352 GET http//www(dot)volny.cz/cub/szpi.htm - FIRST_UP_PARENT/havp -
192.168.123.456 TCP_MISS/304 352 GET http//www(dot)volny.cz/xgemius.js - FIRST_UP_PARENT/havp -
192.168.123.456 TCP_DENIED/403 2674 GET  http//www(dot)szpi.gov.cz/ - NONE/- text/html

Please can someone help me?
I thank you very much for each advice.

Bart
Logged
bart
Jr. Member
*
Offline Offline

Posts: 3


« Reply #1 on: Friday 22 June 2012, 05:17:27 pm »

From link: wiki.squid-cache.org/SquidFaq/SquidLogs
I saw, that:

TCP - Requests on the HTTP port (usually 3128).
MISS - The response object delivered was the network response object.
302  - Moved Temporarily  1945, 2616, 4918  -  so redirection
304  - Not Modified  1945, 2616
DENIED - The request was denied by access controls.
403 - Forbidden  1945, 2616, 4918

I donīt have idea, what is done bad, why exceptions doesnīt work and site have TCP_DENIED + 403 error in log.

Thank you.
Logged
kashifmax
Sr. Member
****
Offline Offline

Gender: Female
Posts: 108


« Reply #2 on: Sunday 24 June 2012, 08:52:17 pm »

MISS (Request is not coming from cache)
HIT (Request coming from cache)
DENIED (Request is denied)

If you can than login EFW via ssh and add this rule,
Code:
acl govSite dstdomain .gov.cz .volny.cz
#To allow cz domain site than use this rule "acl govSite dstdomain .cz"
http_access allow govSite

Remember, your rule must be above the "deny all" rule.

Read more about squid here...
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch32_:_Controlling_Web_Access_with_Squid
Logged
bart
Jr. Member
*
Offline Offline

Posts: 3


« Reply #3 on: Tuesday 26 June 2012, 11:18:22 pm »

Today i noticed, that access to pages works, but weird is, that during these 4 days i didnīt modified anything on endian.
I didnīt found any clear explanation, why it works right now without any change of configuration and few days ago i make an exceptions and did a  of reboots without any result.
Maybe some longer time duration for stabilization of exception setting .

Thanks again,
Bart
Logged
kashifmax
Sr. Member
****
Offline Offline

Gender: Female
Posts: 108


« Reply #4 on: Wednesday 27 June 2012, 07:56:36 pm »

Hmmm, at least it works now...  Smiley
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com