Date: Thu, 4 May 2006 01:31:07 -0500 From: "Travis H." <solinym@gmail.com> To: "Max Laier" <max@love2party.net> Cc: freebsd-pf@freebsd.org Subject: Re: Something is wrong Message-ID: <d4f1333a0605032331w1545e27eo1b2d2735fa896b50@mail.gmail.com> In-Reply-To: <200605040733.06283.max@love2party.net> References: <20060504034002.20589.qmail@web31609.mail.mud.yahoo.com> <200605040733.06283.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/4/06, Max Laier <max@love2party.net> wrote: > On Thursday 04 May 2006 05:40, Aguiar Magalhaes wrote: > > I have a lot of Windows Internet Explorer browsers in > > the > > LAN and they are marked to use the proxy at 3128 port. > > > > The pf and squid are in the same machine. I'm not > > using transparent proxy on pf. I don't have any > > redirections to proxy. > > and there is your problem. If your client is configured to use the proxy= it > will just do that. That means it won't even attempt to make a direct > connection to any server. IIRC you can configure ie to exclude certain I= P > ranges or domains from being proxied. Yes, you can exclude domains. You might even be able to do so via a group policy, and push it out to all the clients at once, or something. I don't know, it's not a pf problem. > Another > one is to fix the configuration of your proxy. Specifically, you need to look at the part of your squid.conf where it defines "safe_ports", and configure it to allow requests to all ports, not just the "safe" ones. This is not a pf problem either. Along the way you'll notice that there are three kinds of requests made to HTTP proxies (not including WebDAV). There's GET and POST, which has the proxy do HTTP, and a CONNECT request, which just does a raw TCP connection to the target. You may need to use that for some of these ports. Good luck. -- "Curiousity killed the cat, but for a while I was a suspect" -- Steven Wrig= ht Security Guru for Hire http://www.lightconsulting.com/~travis/ -><- GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d4f1333a0605032331w1545e27eo1b2d2735fa896b50>