Well Joe,
What makes me think it's SQUID?
If I bypass SQUID but still use the firewall, everything
is fine. Also, like I said before, I was unable to access
.cgi files, but when I removed the line I mentioned
before from the squid.conf file, it suddenly worked.
I.e. the line is there, I cannot access .cgi files ;
the lines not there, I can access .cgi files...
That in itself proves that SQUID was denying at least
the .cgi files.
Lastly, if I visit plain .html / .htm (and now .cgi :) sites,
SQUID works like a charm behind the firewall. It just seem to
have a hassle with the .pl extension...
I have read the firewall section, and that's why SQUID works OK
through it, EXCEPT for instances like the above. Perhaps you could
be more specific on what part I misunderstood / missed in the
FW section.
I'm asking, I do not know the answers ...........
Marius Etsebeth
Joe Cooper wrote:
>
> Marius Etsebeth wrote:
> > Hi people,
> >
> > I tried to download evaluation software from a site
> > and got the error below. (I'm using squid version 2.4 stable 6
> > on Mandrake 7.2.)
> >
> > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> > While trying to retrieve the URL:
> > http://www.ipswitch.com/cgi/download_eval.pl
> >
> > The following error was encountered:
> >
> > Connection Failed
> >
> > The system returned:
> >
> > (113) No route to host
> >
> > The remote host or network may be down. Please try the request again.
> > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> >
> > I had similar problems when I tried to access sites
> > where the files were CGI files with ".cgi" extensions.
> > However, when I removed the "hierarchy_stoplist cgi-bin ?"
> > entry from the squid.conf file, I could access these particular
> > sites.
>
> What makes you think Squid is denying your request? The error you've
> shown says it can't connect. Have you read the FAQ entry on running
> Squid behind a firewall?
>
> > I suspect if I tried to access .php sites, I may get the same error.
> >
> > Any reason for this and how do I fix it?
>
> Probably read the Squid through a firewall section of the FAQ.
>
> > A second question.
> >
> > Is it possible to set up squid inside a firewall
> > so that firstly squid does the authentication and then,
> > secondly, the firewall as well?
>
> No.
>
> > I suspect not. As far as I can figure out, HTTP is not happy
> > with dual authentication methods.....
>
> You suspect right.
> --
> Joe Cooper <joe@swelltech.com>
> http://www.swelltech.com
> Web Caching Appliances and Support
Received on Wed Apr 10 2002 - 00:13:20 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:30 MST