Bonjour,
J’ai installé squid3 sur un serveur Ubuntu. L’authentification des utilisateurs se fait par l’AD: jusqu’ici pas de problèmes. Mais lorsque je souhaite visiter un site dont l’adresse URL comporte un numéro de port particulier, j’ai le message d’erreur suivant (sur IE comme sur Mozilla Firefox):
ERROR
The requested URL could not be retrieved
The following error was encountered while trying to retrieve the URL: torrents.freebsd.org:8080…
Connection to 69.147.83.59 failed.
The system returned: (111) Connection refused
The remote host or network may be down. Please try the request again.
Your cache administrator is crous.surveillance@restau.crousntes.fr.
Generated Wed, 23 Nov 2011 09:04:11 GMT by profiler (squid/3.0.STABLE19)
Voici les ACL définis dans mon squid.conf:
#TAG: acl
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl ipprofiler src 192.168.0.6/255.255.255.255
acl to_localhost dst 127.0.0.1/32
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 8080 # port particulier
acl CONNECT method CONNECT
acl ntlm proxy_auth REQUIRED
TAG: http_access
Only allow cachemgr access from localhost
http_access allow manager localhost
#http_access deny manager
http_access allow ntlm
Deny requests to unknown ports
http_access deny !Safe_ports
Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
#http_access allow ntlm
http_access allow ntlm
http_access allow localhost
And finally deny all other access to this proxy
http_access deny all
http_reply_access allow all
Ça fait un bon moment que je m’arrache les cheveux!!!
Merci à tous ceux qui voudront bien partager leur expérience et m’apporter leur aide!!!