Title: One site blocked, although added to exceptions in Proxy and HTTP Antivirus Post by: bart on Friday 22 June 2012, 05:03:20 pm Hello, please i would like to ask you for a help.
Our users need to accessing one site and they obtain error message: ---- ERROR The requested URL could not be retrieved While trying to retrieve the URL: http//www(dot)szpi.gov.cz/ The following error was encountered: Access Denied. Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect. Your cache administrator is admin ---- Wanted site szpi.cz, browsed from outside network is accessible. Wanted site szpi.cz is somehow redirected to volny.cz/cub/szpi.htm and then ends on url: szpi.gov.cz. We have trouble to access this site, although we put exception all three urls to: proxy -> access policy -> policy unfiltered access (allowed to ) ---> domains of destination these domains were added (with dot before url) .szpi.gov.cz and even (without dot before) szpi.gov.cz, ... and same with .volny.cz and .szpi.cz (domains were added one domain per line without commas or something at end of a line) Rule of unfiltered access is allowed for any agents, for any users and it´s on first possition at access policy list and it´s enabled. It didn´t helped us, so for sure we added these urls to: proxy ----> HTTP antivirus ---->field: Do not scan the following URLs There were all urls added one per line ... in format http//domain and also without http before domain name. Although exceptions are added, site is still blocked and in Web Proxy log i see: 192.168.123.456 TCP_MISS/302 495 GET http//www(dot)szpi.cz/ - DIRECT/217.198.116.188 text/html 192.168.123.456 TCP_MISS/304 352 GET http//www(dot)volny.cz/cub/szpi.htm - FIRST_UP_PARENT/havp - 192.168.123.456 TCP_MISS/304 352 GET http//www(dot)volny.cz/xgemius.js - FIRST_UP_PARENT/havp - 192.168.123.456 TCP_DENIED/403 2674 GET http//www(dot)szpi.gov.cz/ - NONE/- text/html Please can someone help me? I thank you very much for each advice. Bart Title: Re: One site blocked, although added to exceptions in Proxy and HTTP Antivirus Post by: bart on Friday 22 June 2012, 05:17:27 pm From link: wiki.squid-cache.org/SquidFaq/SquidLogs
I saw, that: TCP - Requests on the HTTP port (usually 3128). MISS - The response object delivered was the network response object. 302 - Moved Temporarily 1945, 2616, 4918 - so redirection 304 - Not Modified 1945, 2616 DENIED - The request was denied by access controls. 403 - Forbidden 1945, 2616, 4918 I don´t have idea, what is done bad, why exceptions doesn´t work and site have TCP_DENIED + 403 error in log. Thank you. Title: Re: One site blocked, although added to exceptions in Proxy and HTTP Antivirus Post by: kashifmax on Sunday 24 June 2012, 08:52:17 pm MISS (Request is not coming from cache)
HIT (Request coming from cache) DENIED (Request is denied) If you can than login EFW via ssh and add this rule, Code: acl govSite dstdomain .gov.cz .volny.cz Remember, your rule must be above the "deny all" rule. Read more about squid here... http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch32_:_Controlling_Web_Access_with_Squid Title: Re: One site blocked, although added to exceptions in Proxy and HTTP Antivirus Post by: bart on Tuesday 26 June 2012, 11:18:22 pm Today i noticed, that access to pages works, but weird is, that during these 4 days i didn´t modified anything on endian.
I didn´t found any clear explanation, why it works right now without any change of configuration and few days ago i make an exceptions and did a of reboots without any result. Maybe some longer time duration for stabilization of exception setting . Thanks again, Bart Title: Re: One site blocked, although added to exceptions in Proxy and HTTP Antivirus Post by: kashifmax on Wednesday 27 June 2012, 07:56:36 pm Hmmm, at least it works now... :)
|