Re: [squid-users] Chat Apps getting blocked
On Thu, Apr 24, 2008 at 3:06 AM, Chris Robertson [EMAIL PROTECTED] wrote: Odhiambo Washington wrote: Hi Amos, Thank you so much. This now works after I created an ACL for them. PS: Does everyone on this list get some e-mail from ANTIGEN blah on some exchange server whenever they send mail to the list or is it just me? For every post to the list, I get a response with the following data in the body: begin quote Microsoft Antigen for Exchange found a message matching a filter. The message is currently Identified. Message: SUSPECT MAIL_ _squid_users_ Access Controls using MAC address Filter name: KEYWORD= profanity: bastards;sexual discrimination: bastards Check your signature... Thanks for spotting that:-) I will think about it. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Re: [squid-users] Chat Apps getting blocked
Hello guys i believe that could be our Exchange box - i am subscribed via gmail and then have them forwarded to my work address.I know we get some swear filtering going on (school enviro) but i wasn't aware it was sending out replys to those 'offenses'. I've notifed the admin about this but it appears hes not willing to do any more on this - policies or something - , so i've just removed the forwarder indefinately. We now resume your post-watershed mails! ;) On Thu, Apr 24, 2008 at 1:03 PM, Odhiambo Washington [EMAIL PROTECTED] wrote: On Thu, Apr 24, 2008 at 3:06 AM, Chris Robertson [EMAIL PROTECTED] wrote: Odhiambo Washington wrote: Hi Amos, Thank you so much. This now works after I created an ACL for them. PS: Does everyone on this list get some e-mail from ANTIGEN blah on some exchange server whenever they send mail to the list or is it just me? For every post to the list, I get a response with the following data in the body: begin quote Microsoft Antigen for Exchange found a message matching a filter. The message is currently Identified. Message: SUSPECT MAIL_ _squid_users_ Access Controls using MAC address Filter name: KEYWORD= profanity: bastards;sexual discrimination: bastards Check your signature... Thanks for spotting that:-) I will think about it. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Re: [squid-users] Chat Apps getting blocked
Odhiambo Washington wrote: Hi Amos, Thank you so much. This now works after I created an ACL for them. PS: Does everyone on this list get some e-mail from ANTIGEN blah on some exchange server whenever they send mail to the list or is it just me? For every post to the list, I get a response with the following data in the body: begin quote Microsoft Antigen for Exchange found a message matching a filter. The message is currently Identified. Message: SUSPECT MAIL_ _squid_users_ Access Controls using MAC address Filter name: KEYWORD= profanity: bastards;sexual discrimination: bastards Check your signature... Sent from: Odhiambo Washington Folder: SMTP Messages\Inbound Location: tesco/First Administrative Group/SW2KE /end quote It's very annoying and I always wonder if squid-users is hosted on a M$ Exchange platform:-) Anyone has a clue as to why I always get this? -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Oh My God! They killed init! You Bastards! --from a /. post Chris
Re: [squid-users] Chat Apps getting blocked
g f wrote: I have a question about your reply: http_access deny CONNECT !SSL_ports Shouldnt this deny access to all but SSL_ports 443 and 563? but wouldnt this: acl Safe_ports port 1025-65535 # unregistered ports http_access deny !Safe_ports allow access on port 5222 (normally default xmpp port). I am curious if I understand the acls properly. They are all run top-to-bottom with first-match-wins. So the ... http_access deny !Safe_ports ... does not stop port 5222 access, merely lets it continue down to a later ACL check. Which in this case is ... http_access deny CONNECT !SSL_Ports ... which matches and denies it (CONNECT is being done and 5222 is not in SSL_Ports) Amos Thanks. On Mon, Apr 21, 2008 at 8:13 AM, Amos Jeffries [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Odhiambo Washington wrote: Hello List, I copycat(ed) a squid.conf from this list a few days ago and did minimal config mods just to allow my network to use it. It works great with youtube caching, but stranegly, it blocks MSN/Yahoo chats, but I sincerely cannot see where this is happening. The file can be access from the following URL: https://212.22.160.35/~wash/squid.conf.txt https://212.22.160.35/%7Ewash/squid.conf.txt (I use a self-signed certificate, so please just accept it) I get the following in the access log: 1208510066.248 7255 192.168.0.106 http://192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.110.28:1863 http://207.46.110.28:1863 - NONE/- text/html 1208510066.726 7850 192.168.0.150 http://192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.110.89:1863 http://207.46.110.89:1863 - NONE/- text/html 1208510100.571847 192.168.0.106 http://192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.110.94:1863 http://207.46.110.94:1863 - NONE/- text/html 1208510119.339 28 192.168.0.150 http://192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.110.94:1863 http://207.46.110.94:1863 - NONE/- text/html 1208510173.114853 192.168.0.106 http://192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.13:1863 http://207.46.108.13:1863 - NONE/- text/html 1208510216.270668 192.168.0.150 http://192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.108.85:1863 http://207.46.108.85:1863 - NONE/- text/html 1208510300.314852 192.168.0.106 http://192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.97:1863 http://207.46.108.97:1863 - NONE/- text/html 1208510347.723853 192.168.0.106 http://192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.86:1863 http://207.46.108.86:1863 - NONE/- text/html 1208510371.584823 192.168.0.106 http://192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.66:1863 http://207.46.108.66:1863 - NONE/- text/html 1208510408.981 20 192.168.0.150 http://192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.108.97:1863 http://207.46.108.97:1863 - NONE/- text/html 1208510413.535 1673 192.168.0.106 http://192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.93:1863 http://207.46.108.93:1863 - NONE/- text/html 1208510488.270 19 192.168.0.106 http://192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 http://messenger.hotmail.com:1863 - NONE/- text/html 1208510609.843 0 192.168.0.117 http://192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 http://talk.google.com:5222 - NONE/- text/html 1208510609.844 0 192.168.0.117 http://192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 http://scs.msg.yahoo.com:5050 - NONE/- text/html 1208510616.495 0 192.168.0.117 http://192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 http://talk.google.com:5222 - NONE/- text/html 1208510617.057 1 192.168.0.117 http://192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 http://scs.msg.yahoo.com:5050 - NONE/- text/html 1208510637.734 20 192.168.0.106 http://192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 http://messenger.hotmail.com:1863 - NONE/- text/html 1208510643.865 31 192.168.0.106 http://192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 http://messenger.hotmail.com:1863 - NONE/- text/html 1208510676.014 0 192.168.0.117 http://192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 http://scs.msg.yahoo.com:5050 - NONE/- text/html snip Where in the acls is this coming from? You have: http_access deny CONNECT !SSL_ports
Re: [squid-users] Chat Apps getting blocked
Odhiambo Washington wrote: snip Hi Amos, Thank you so much. This now works after I created an ACL for them. PS: Does everyone on this list get some e-mail from ANTIGEN blah on some exchange server whenever they send mail to the list or is it just me? You're the first to mention it about Antigen. I usually get 'bad word filter' messages from a bunch of schools when I mention 127.x.x.x/8 or the like. If you check one of the bounces you should be able to see if its directly to you or through the list. Anything like this going through the list needs reporting to [EMAIL PROTECTED] For every post to the list, I get a response with the following data in the body: begin quote Microsoft Antigen for Exchange found a message matching a filter. The message is currently Identified. Message: SUSPECT MAIL_ _squid_users_ Access Controls using MAC address Filter name: KEYWORD= profanity: bastards;sexual discrimination: bastards Sent from: Odhiambo Washington Folder: SMTP Messages\Inbound Location: tesco/First Administrative Group/SW2KE /end quote It's very annoying and I always wonder if squid-users is hosted on a M$ Exchange platform:-) Anyone has a clue as to why I always get this? Mails you send to the list have you as the sender. One of the other list members is behind an annoying 'bad words' filter. You should try to let them know its broken. Or worst-case respond in kind by blocking their email to you. Amos -- Please use Squid 2.6.STABLE19 or 3.0.STABLE4
[squid-users] Chat Apps getting blocked
Hello List, I copycat(ed) a squid.conf from this list a few days ago and did minimal config mods just to allow my network to use it. It works great with youtube caching, but stranegly, it blocks MSN/Yahoo chats, but I sincerely cannot see where this is happening. The file can be access from the following URL: https://212.22.160.35/~wash/squid.conf.txt (I use a self-signed certificate, so please just accept it) I get the following in the access log: 1208510066.248 7255 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.110.28:1863 - NONE/- text/html 1208510066.726 7850 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.110.89:1863 - NONE/- text/html 1208510100.571847 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.110.94:1863 - NONE/- text/html 1208510119.339 28 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.110.94:1863 - NONE/- text/html 1208510173.114853 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.13:1863 - NONE/- text/html 1208510216.270668 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.108.85:1863 - NONE/- text/html 1208510300.314852 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.97:1863 - NONE/- text/html 1208510347.723853 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.86:1863 - NONE/- text/html 1208510371.584823 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.66:1863 - NONE/- text/html 1208510408.981 20 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.108.97:1863 - NONE/- text/html 1208510413.535 1673 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.93:1863 - NONE/- text/html 1208510488.270 19 192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 - NONE/- text/html 1208510609.843 0 192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 - NONE/- text/html 1208510609.844 0 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html 1208510616.495 0 192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 - NONE/- text/html 1208510617.057 1 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html 1208510637.734 20 192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 - NONE/- text/html 1208510643.865 31 192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 - NONE/- text/html 1208510676.014 0 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html 1208510686.089260 192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 - NONE/- text/html 1208510695.114 2 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html 1208510695.116 1 192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 - NONE/- text/html 1208510695.157 0 192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 - NONE/- text/html 1208510695.158 0 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html 1208510731.837 0 192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 - NONE/- text/html 1208510748.582 0 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html Where in the acls is this coming from? Thanks in advance. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Oh My God! They killed init! You Bastards! --from a /. post
Re: [squid-users] Chat Apps getting blocked
Odhiambo Washington wrote: Hello List, I copycat(ed) a squid.conf from this list a few days ago and did minimal config mods just to allow my network to use it. It works great with youtube caching, but stranegly, it blocks MSN/Yahoo chats, but I sincerely cannot see where this is happening. The file can be access from the following URL: https://212.22.160.35/~wash/squid.conf.txt (I use a self-signed certificate, so please just accept it) I get the following in the access log: 1208510066.248 7255 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.110.28:1863 - NONE/- text/html 1208510066.726 7850 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.110.89:1863 - NONE/- text/html 1208510100.571847 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.110.94:1863 - NONE/- text/html 1208510119.339 28 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.110.94:1863 - NONE/- text/html 1208510173.114853 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.13:1863 - NONE/- text/html 1208510216.270668 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.108.85:1863 - NONE/- text/html 1208510300.314852 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.97:1863 - NONE/- text/html 1208510347.723853 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.86:1863 - NONE/- text/html 1208510371.584823 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.66:1863 - NONE/- text/html 1208510408.981 20 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.108.97:1863 - NONE/- text/html 1208510413.535 1673 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.93:1863 - NONE/- text/html 1208510488.270 19 192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 - NONE/- text/html 1208510609.843 0 192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 - NONE/- text/html 1208510609.844 0 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html 1208510616.495 0 192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 - NONE/- text/html 1208510617.057 1 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html 1208510637.734 20 192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 - NONE/- text/html 1208510643.865 31 192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 - NONE/- text/html 1208510676.014 0 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html snip Where in the acls is this coming from? You have: http_access deny CONNECT !SSL_ports If you really want to allow the chat programs out, then you will need to add an acl for their domain/ports and allow CONNECT for them. Amos -- Please use Squid 2.6.STABLE19 or 3.0.STABLE4
Re: [squid-users] Chat Apps getting blocked
On Mon, Apr 21, 2008 at 4:13 PM, Amos Jeffries [EMAIL PROTECTED] wrote: Odhiambo Washington wrote: Hello List, I copycat(ed) a squid.conf from this list a few days ago and did minimal config mods just to allow my network to use it. It works great with youtube caching, but stranegly, it blocks MSN/Yahoo chats, but I sincerely cannot see where this is happening. The file can be access from the following URL: https://212.22.160.35/~wash/squid.conf.txt (I use a self-signed certificate, so please just accept it) I get the following in the access log: 1208510066.248 7255 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.110.28:1863 - NONE/- text/html 1208510066.726 7850 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.110.89:1863 - NONE/- text/html 1208510100.571847 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.110.94:1863 - NONE/- text/html 1208510119.339 28 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.110.94:1863 - NONE/- text/html 1208510173.114853 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.13:1863 - NONE/- text/html 1208510216.270668 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.108.85:1863 - NONE/- text/html 1208510300.314852 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.97:1863 - NONE/- text/html 1208510347.723853 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.86:1863 - NONE/- text/html 1208510371.584823 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.66:1863 - NONE/- text/html 1208510408.981 20 192.168.0.150 TCP_DENIED/403 1422 CONNECT 207.46.108.97:1863 - NONE/- text/html 1208510413.535 1673 192.168.0.106 TCP_DENIED/403 1422 CONNECT 207.46.108.93:1863 - NONE/- text/html 1208510488.270 19 192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 - NONE/- text/html 1208510609.843 0 192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 - NONE/- text/html 1208510609.844 0 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html 1208510616.495 0 192.168.0.117 TCP_DENIED/403 1426 CONNECT talk.google.com:5222 - NONE/- text/html 1208510617.057 1 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html 1208510637.734 20 192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 - NONE/- text/html 1208510643.865 31 192.168.0.106 TCP_DENIED/403 1438 CONNECT messenger.hotmail.com:1863 - NONE/- text/html 1208510676.014 0 192.168.0.117 TCP_DENIED/403 1430 CONNECT scs.msg.yahoo.com:5050 - NONE/- text/html snip Where in the acls is this coming from? You have: http_access deny CONNECT !SSL_ports If you really want to allow the chat programs out, then you will need to add an acl for their domain/ports and allow CONNECT for them. Hi Amos, Thank you so much. This now works after I created an ACL for them. PS: Does everyone on this list get some e-mail from ANTIGEN blah on some exchange server whenever they send mail to the list or is it just me? For every post to the list, I get a response with the following data in the body: begin quote Microsoft Antigen for Exchange found a message matching a filter. The message is currently Identified. Message: SUSPECT MAIL_ _squid_users_ Access Controls using MAC address Filter name: KEYWORD= profanity: bastards;sexual discrimination: bastards Sent from: Odhiambo Washington Folder: SMTP Messages\Inbound Location: tesco/First Administrative Group/SW2KE /end quote It's very annoying and I always wonder if squid-users is hosted on a M$ Exchange platform:-) Anyone has a clue as to why I always get this? -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Oh My God! They killed init! You Bastards! --from a /. post