NethServer Version: 7.3.1611 (rc3
Module: Web Proxy
When changing a setting in de webcontent filter or so, the /etc/squid/squid.conf get 's reset again to standard config … !!
NethServer Version: 7.3.1611 (rc3
Module: Web Proxy
When changing a setting in de webcontent filter or so, the /etc/squid/squid.conf get 's reset again to standard config … !!
It’s the normal behavior, configuration file are generated from templates.
What are you trying to achieve?
i’m rebuilding my house, but i still would like to use the web proxy and so for my kids.
zo using it remote, with dyndns …
Also, when acces a restricted site, i get forwarded to 10.10.0.254 instead of my domain name
http://nethserver.hopto.org/
can i fix that in squid.conf also
Squid.conf
# Uncomment this to enable debug
#debug_options ALL,1 33,2 28,9
# Sites not cached
acl no_cache dstdomain "/etc/squid/acls/no_cache.acl"
no_cache deny no_cache
# Allow access from green and trusted networks.
acl localnet src nethserver.hopto.org
#acl localnet src 10.10.0.0/24
#acl localnet_dst src 10.10.0.0/24
# Safe ports
acl SSL_ports port 443
acl SSL_ports port 980 # httpd-admin (server-manager)
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 980 # httpd-admin (server-manager)
acl CONNECT method CONNECT
#
# 20acl_00_portscustom
#
# Allow access from localhost
http_access allow localhost
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager
#
# Skip URL rewriter for local addresses
#
acl self dst 10.10.0.254
acl self_port port 80
acl self_port port 443
url_rewrite_access deny self localnet self_port
# No authentication on green and trusted networks
http_access allow localnet
# And finally deny all other access to this proxy
http_access allow all
cache_mem 256 MB
# Enable disk cache
minimum_object_size 0 KB
maximum_object_size 4096 KB
cache_dir aufs /var/spool/squid 500 16 256
# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid
#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
refresh_pattern ([^.]+.|)(download|(windows|)update|).(microsoft.|)com/.*\.(cab|exe|msi|msp) 4320 100% 43200 reload-into-ims
# Always enable manual proxy
http_port 3128
# Enable transparent proxy
http_port 3129 transparent
# Enable squidGuard
url_rewrite_program /usr/sbin/ufdbgclient -l /var/log/squid
url_rewrite_children 20 startup=5 idle=5 concurrency=0
url_rewrite_extras "%>a/%>A %un %>rm bump_mode=%ssl::bump_mode sni=\"%ssl::>sni\" referer=\"%{Referer}>h\""
icap_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_encode off
icap_client_username_header X-Authenticated-User
icap_preview_enable on
icap_preview_size 1024
#
# 90options
#
forward_max_tries 25
shutdown_lifetime 1 seconds
buffered_logs on
max_filedesc 16384
logfile_rotate 0
icap_service clamav_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access clamav_req allow all
icap_service clamav_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access clamav_resp allow all
When i check my access.log on Squid now, i get continuesly this
1483064263.197 0 89.236.234.100 TCP_DENIED/403 4048 CONNECT auth.api.sonyentertainmentnetwork.com:443 - HIER_NONE/- text/html
1483064263.217 0 142.54.184.140 TCP_DENIED/403 4266 GET http://pl3.live.panda.tv/live_panda/bbca3c554e4b6300b5a4f600f413ffd3.flv - HIER_NONE/- text/html
1483064263.219 0 69.197.188.43 TCP_DENIED/403 4273 GET http://pl8.live.panda.tv/live_panda/b22aaba9221c50db7e4015bb445650a2.flv - HIER_NONE/- text/html
1483064263.245 0 142.54.188.83 TCP_DENIED/403 4322 GET http://pl11.live.panda.tv/live_panda/ca9b51cc36c76bf8a18e0b426db37beb.flv - HIER_NONE/- text/html
1483064263.301 0 204.12.207.251 TCP_DENIED/403 4293 GET http://pl3.live.panda.tv/live_panda/4400adc288c9f766e8e9a6bf0b854642.flv - HIER_NONE/- text/html
1483064263.305 0 173.208.172.2 TCP_DENIED/403 4265 GET http://pl8.live.panda.tv/live_panda/b22aaba9221c50db7e4015bb445650a2.flv - HIER_NONE/- text/html
1483064263.316 0 69.30.246.116 TCP_DENIED/403 4319 GET http://pl3.live.panda.tv/live_panda/9ffec4183840bc279b48e8310811a2cb.flv - HIER_NONE/- text/html
1483064263.341 0 204.12.238.46 TCP_DENIED/403 4269 GET http://pl11.live.panda.tv/live_panda/ca9b51cc36c76bf8a18e0b426db37beb.flv - HIER_NONE/- text/html
1483064263.341 0 107.150.45.219 TCP_DENIED/403 4266 GET http://pl3.live.panda.tv/live_panda/bbca3c554e4b6300b5a4f600f413ffd3.flv - HIER_NONE/- text/html
1483064263.352 0 69.197.163.174 TCP_DENIED/403 4267 GET http://pl3.live.panda.tv/live_panda/87a16a9df7bdd493291ce1d2d603fe91.flv - HIER_NONE/- text/html
1483064263.358 0 69.30.246.116 TCP_DENIED/403 4318 GET http://pl8.live.panda.tv/live_panda/b22aaba9221c50db7e4015bb445650a2.flv - HIER_NONE/- text/html
1483064263.363 0 173.254.204.204 TCP_DENIED/403 4270 GET http://pl3.live.panda.tv/live_panda/19dc4e2be65a11772a5b89a4f7815d05.flv - HIER_NONE/- text/html
1483064263.376 0 107.150.35.3 TCP_DENIED/403 4318 GET http://pl3.live.panda.tv/live_panda/80ed81e3aa4fd4278222819ba991b6bf.flv - HIER_NONE/- text/html
1483064263.442 0 204.12.228.117 TCP_DENIED/403 4266 GET http://pl8.live.panda.tv/live_panda/b22aaba9221c50db7e4015bb445650a2.flv - HIER_NONE/- text/html
1483064263.444 0 173.208.194.69 TCP_DENIED/403 4268 GET http://pl8.live.panda.tv/live_panda/b22aaba9221c50db7e4015bb445650a2.flv - HIER_NONE/- text/html
1483064263.447 0 69.30.232.195 TCP_DENIED/403 4269 GET http://pl11.live.panda.tv/live_panda/ca9b51cc36c76bf8a18e0b426db37beb.flv - HIER_NONE/- text/html
1483064263.451 0 142.54.176.206 TCP_DENIED/403 4296 GET http://pl11.live.panda.tv/live_panda/ca9b51cc36c76bf8a18e0b426db37beb.flv - HIER_NONE/- text/html
1483064263.452 0 204.12.196.14 TCP_DENIED/403 4318 GET http://pl3.live.panda.tv/live_panda/bbca3c554e4b6300b5a4f600f413ffd3.flv - HIER_NONE/- text/html
1483064263.461 0 192.151.158.227 TCP_DENIED/403 4344 GET http://pl3.live.panda.tv/live_panda/9a23e166ed31adf2f6c10b5cc8e6c238.flv - HIER_NONE/- text/html
1483064263.470 0 204.12.222.132 TCP_DENIED/403 4292 GET http://pl8.live.panda.tv/live_panda/b22aaba9221c50db7e4015bb445650a2.flv - HIER_NONE/- text/html
1483064263.471 0 192.151.157.19 TCP_DENIED/403 4278 GET http://pl11.live.panda.tv/live_panda/ca9b51cc36c76bf8a18e0b426db37beb.flv - HIER_NONE/- text/html
1483064263.482 0 107.150.52.26 TCP_DENIED/403 4257 GET http://pl8.live.panda.tv/live_panda/b22aaba9221c50db7e4015bb445650a2.flv - HIER_NONE/- text/html
1483064263.485 0 173.208.155.84 TCP_DENIED/403 4343 GET http://pl3.live.panda.tv/live_panda/2b1a18b84e33b374f40a9f0cef05bdc7.flv - HIER_NONE/- text/html
1483064263.499 0 198.204.230.12 TCP_DENIED/403 4293 GET http://pl4.live.panda.tv/live_panda/0b6720e1d86aba1a249bb1c1f5cfba66.flv - HIER_NONE/- text/html
1483064263.500 0 69.197.163.172 TCP_DENIED/403 4293 GET http://pl3.live.panda.tv/live_panda/dc196c5cddb60c3ef00c699d33318c76.flv - HIER_NONE/- text/html
1483064263.514 0 69.12.77.146 TCP_DENIED/403 4268 GET http://pl11.live.panda.tv/live_panda/ca9b51cc36c76bf8a18e0b426db37beb.flv - HIER_NONE/- text/html
1483064263.517 0 173.208.211.43 TCP_DENIED/403 4266 GET http://pl8.live.panda.tv/live_panda/b22aaba9221c50db7e4015bb445650a2.flv - HIER_NONE/- text/htm
Als in Ntop alerts counting fast up