SQUID proxy wont work HTTPS? SOLVED
-
Hi,
I was wondering if someone else has had this issue before. As this is not my first time installing WPAD i have been scratching my head on why its not working. A put a new install of 2.3.5 with squid and squidguard. Whats odd is that the wpad is works and it finds it if i put http://wpad.mydomain.local/wpad.dat and it downloads the file what the wierd part is that https wont work but i see on the log its filtering only works http I have no idea why.These are the steps i took.
- first install squid and squidguard then turn it on and reboot
2) then create proxy.pac and put it in /usr/local/www/
function FindProxyForURL(url, host) { //proxy wpad.mydomain.local:3128 == 192.168.10.251:3128; var wpad = "PROXY wpad.mydomain.local:3128"; host = host.toLowerCase(); var hostIP = dnsResolve(host); if (hostIP == 0) return wpad; if (isPlainHostName(host)) return "DIRECT"; if (shExpMatch(host, ".local")) return "DIRECT"; //mi dominio mydomain.local; if (shExpMatch(host, ".casa.local")) return "DIRECT"; //redes privadas; if (isInNet(dnsResolve(host), "127.0.0.0", "255.0.0.0")) return "DIRECT"; if (isInNet(dnsResolve(host), "10.0.0.0", "255.0.0.0")) return "DIRECT"; if (isInNet(dnsResolve(host), "10.0.0.0", "255.255.0.0")) return "DIRECT"; if (isInNet(dnsResolve(host), "10.0.0.0", "255.255.255.0")) return "DIRECT"; //end mi red privada; if (isInNet(dnsResolve(host), "192.168.0.0", "255.255.0.0")) return "DIRECT"; if (isInNet(dnsResolve(host), "192.168.0.0", "255.255.255.0")) return "DIRECT"; if (isInNet(dnsResolve(host), "172.16.0.0", "255.240.0.0")) return "DIRECT"; if (shExpMatch(host, "fe80::*")) return "DIRECT"; if (shExpMatch(url, "http:*")) return wpad; if (shExpMatch(url, "https:*")) return wpad; return wpad; }then i would go to /usr/local/etc/nginx/mime.types
and add this
application/x-ns-proxy-autoconfig pac; application/x-ns-proxy-autoconfig dat; application/x-ns-proxy-autoconfig da;Then on dns resolver create a host override (see picture)
then create sym link
ln -s /usr/local/www/proxy.pac /usr/local/www/wpad.datln -s /usr/local/www/proxy.pac /usr/local/www/wpad.daThen on the LAN create the rules ( see picture)
the WPAD part was already implemented before using 2.2.4 on a windows server which runs the DNS and DHCP so i know thats not the issue
Thank you
-
??? Your squidguard table seems to think https is working.
-
I know thats whats odd. i just uninstalled squidguard updated to 2.4 and no dice either. any other ideas?
-
Can you describe the nature of the actual problem? Timeouts, error messages…?
-
Thanks for the reply, the timeout error is that it cannot find proxy, when it i clearly put it in as it does not respond to it. I check the logs and is see that the proxy is working, the weirdest thing i have ever seen.
Thank you
-
Can you show the access.log when that client is actually making a request through the proxy? All it show now is you talking to WebGUI. Do you have IPv6 enabled?
-
Thanks for the reply, im attaching the file, and no IPV6
-
Sorry for the delay, I have the flu. Squid looks like it's working. Your access.log is full of valid connection info, lots of https connections.
What specifically is making you believe that https isn't working?
-
Dont worry hope you get better "winter is coming" but what did the trick was ticking Resolve DNS IPv4 First with that it worked everything so odd i have never seen this before
Thank you
