Pfsense 2.2 - squid3 - skype + icq: error:invalid-request - HIER_NONE/- text/htm



  • Hi,

    I am running latest squid3 package with antivirus enabled and http and htpps in transparent mode. Browsing the web works.
    But then I tried to get access with skype and icq (miranda) but it does not co0nnect.

    When trying to connect with skype I cannot login and I get many of the following entries in access.log:

    1423411326.707      0 192.168.10.100 TAG_NONE/400 4059 NONE error:invalid-request - HIER_NONE/- text/html
    1423411328.749      0 192.168.10.100 TAG_NONE/400 4139 NONE error:invalid-request - HIER_NONE/- text/html
    1423411422.486      0 192.168.10.100 TAG_NONE/400 4133 NONE error:invalid-request - HIER_NONE/- text/html
    1423411433.619      0 192.168.10.100 TAG_NONE/400 4199 NONE error:invalid-request - HIER_NONE/- text/html
    1423411439.544      0 192.168.10.100 TAG_NONE/400 3983 NONE error:invalid-request - HIER_NONE/- text/html
    1423411440.544      0 192.168.10.100 TAG_NONE/400 4104 NONE error:invalid-request - HIER_NONE/- text/html
    1423411556.791      0 192.168.10.100 TAG_NONE/400 4219 NONE error:invalid-request - HIER_NONE/- text/html
    1423411655.342      0 192.168.10.100 TAG_NONE/400 4214 NONE error:invalid-request - HIER_NONE/- text/html
    1423411672.636      0 192.168.10.100 TAG_NONE/400 4052 NONE error:invalid-request - HIER_NONE/- text/html

    When I add the local pc's IP address to the "source bypass" of squid then it works.

    For Miranda (ICQ) it is the same. I cannot connect until I add the client's IP address to the bypass section. For Miranda(ICQ) I do not get any log in access.log.

    So my questions are:
    What do the access.log logs mean?
    How to allow skype and Miranda (ICQ) to connect but without allowing the client IP at all?



  • While intercepting port 443, on http protocol will work.

    Skype uses port 443 but it's protocol is not http.

    That's why it's not working


Log in to reply