Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid and Blocked Production Servers

    Cache/Proxy
    2
    2
    569
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      SamSquanch
      last edited by

      I activated Squid to enable virus scanning and it seems to work well. I got a call this morning that users on the production terminal server servers cannot access a website any more.

      I have a rule to block all internet access accept for the websites I want to allow on servers. So there is an Alias with the IP address and domain names of sites to allow through.

      Now that the traffic is going through Squid sites that worked before no longer work.

      I checked the logs and saw that my rule to block all internet after the allow rules have been processed was blocking 127.0.0.1:3128.

      If I add 127.0.0.1:3128 to the allow list it opens up access to the whole internet which is not good.

      I tried adding:

      acl local-servers dstdomain my.domain.net
      always_direct allow local-servers

      to Custom ACLS (Before Auth) and that didn't change anything.

      Any ideas?

      1 Reply Last reply Reply Quote 0
      • K
        killmasta93
        last edited by

        i would not recomend squid to use the virus scan, it takes a lot of resources and for what i saw its not that stable, i had this enabled it gave me issues when a user wanted to hear music though itunes or radio fm online

        Tutorials:

        https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.