I'm stumped at the moment and I've been doing firewalls and setting up
squid for years.
My client has an ISP firewall, their own firewall, a proxy on the DMZ and
an internal firewall and wishes to access a couple of http based services
on ports 81 and 8000. Not usually a problem. I have logged into the proxy
server and successfully used the services with lynx so there really isn't
a firewall issue as far as I can tell.
When I set the http_proxy environment variable to http://127.0.0.1:3128/
lynx will use the proxy. When I try this:-
lynx http://www.some.site:81/ it returns a 503 and I can see NO PACKETS
going to the site with tcpdump. Exactly the same with port 8000. The error
page returned by squid reports 503 and permission denied, as does the
access.log I tried the same thing from our proxy server which is the exact
same version and there's no problem leading me to think it's configuration
of squid. I tried setting up squid from scratch again and no luck although
I did not clear the existing cache (it's a busy proxy, don't want to do
that). I will try moving the cache away after hours though.
The response is so quick it's not even trying (as verified by packet
dump). Any thoughts from other experts?
access.log entry
1153800571.919 164 127.0.0.1 TCP_MISS/503 1378 GET
http://customer.xxxxxx.com:81/ - DIRECT/- text/html
exact response (site censored) from squid below
ERROR: The requested URL could not be retrieved (p1
of 2)
ERROR
The requested URL could not be retrieved
_________________________________________________________________
While trying to retrieve the URL: http://customer.xxxxxxx.com:81/
The following error was encountered:
* Connection to Failed
The system returned:
(13) Permission denied
The remote host or network may be down. Please try the request again.
Your cache administrator is root.
_________________________________________________________________
ERROR: The requested URL could not be retrieved (p2
of 2)
Generated Tue, 25 Jul 2006 04:09:31 GMT by proxy.xxxxxx.nsw.edu.au
(squid/2.5.STABLE13)
--
---<GRiP>---
Grant Parnell - senior LPIC-1 certified consultant
EverythingLinux services - the consultant's backup & tech support.
Web: http://www.everythinglinux.com.au/support.php
We're also busybits.com.au and linuxhelp.com.au and elx.com.au.
Phone 02 8756 3522 to book service or discuss your needs.
ELX or its employees participate in the following:-
OSIA (Open Source Industry Australia) - http://www.osia.net.au
AUUG (Australian Unix Users Group) - http://www.auug.org.au
SLUG (Sydney Linux Users Group) - http://www.slug.org.au
LA (Linux Australia) - http://www.linux.org.au
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
