> On Tue, 28 Nov 2006 15:29:33 +0100 "debian" <[EMAIL PROTECTED]> wrote: > > there is an internet application and i have some clients who needs to > > connect to it. > > Firewall is setup, proxy server is squid. > > The internet application is using different ports, my proxy server > > listens only to port 80 (http traffic for internet) > > the users can also go to https sites (which are using port 443). > > > > The internet application is using different ports (like port 7090 and > > others), how does it come that my client pc's can't connect via the > > proxy to those ports ?
On 28.11.06 16:01, Liam O'Toole wrote: > Squid maintains an access control list called "Safe_ports". I suspect > that port 7090 isn't in the list. See the file /etc/squid/squid.conf for > details. if that is a HTTP, "debian" may decide, if it's needed to allow ports like 7090 only to some hosts, or everywhere. Also, if it's HTTP running on those ports, it's not needed to allow application ask squid to CONNECT there, only to fetch objects from those port(s). define acls: acl app_src src [IP spec] # IP's where application runs acl app_port dstport 7090 # and possibly other ports acl app_host dst [IP spec] # to define hosts by IP addresses or acl app_host dstdomain [host spec] # to define hosts by names and allow access before other http_access directives: http_access allow app_src app_port app_host or http_access allow app_src CONNECT app_port app_host -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 2B|!2B, that's a question! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]