we are using squid 2.7-Stable6 and SquidGuard 1.4
I think the URLs that are causing trouble are similar to this one:
Rick Chisholm wrote:
> it's just redirecting to login.yahoo.com again... but with a long URL, I
> will do some more digging and get you a more specific answer.
>
> I will also check, but I'm pretty sure we are at the latest available
> squid 2.7 BSD port. I will post back more accurate details.
>
> Amos Jeffries wrote:
>> On Mon, 10 Aug 2009 22:17:54 -0400, Rick Chisholm <rchisholm_at_parallel42.ca>
>> wrote:
>>> In this config - squid is using it's own dnsservers setting in
>>> squid.conf in order to avoid the local resolver setting on the OS. We
>>> are essentially using squid to avoid openDNS for a particular group at
>>> work who need access to things we usually block.
>>>
>>> The Yahoo login page immediately redirects to some other, much longer
>>> URL and that where Squid seems to run into trouble. Using dig to test
>>> the same resolvers that Squid is using does not return an error when
>>> querying for login.yahoo.com - squid also functions perfectly fine with
>>> other login pages like hotmail, gmail etc. It seems to be just Yahoo.
>> And the domain to which its redirecting?
>>
>> It may be a matter of the URL vs Squid release. Do try latest release of
>> the version you are currently using, there are both DNS and URL-length
>> fixes in the more current ones.
>>
>> Amos
>>
>>> Amos Jeffries wrote:
>>>> On Mon, 10 Aug 2009 22:01:40 -0400, Rick Chisholm
>>>> <rchisholm_at_parallel42.ca>
>>>> wrote:
>>>>> what's up with Squid and https://login.yahoo.com?
>>>>>
>>>>> Our marketing dept. at work needs access to Yahoo Analytics, but they
>>>>> have to login via Yahoo! regular login. Squid complains about a DNS
>>>>> resolution issue but names the link as
>>>>>
>>>>> http://443
>>>>>
>>>>> It's quite odd.
>>>> The strange link is due to some older Squid (3.x?) not generating the
>>>> error
>>>> page link correctly for HTTPS.
>>>>
>>>> The problem is still Squid being unable to perform DNS lookups or
>> getting
>>>> no results back for the domain.
>>>> Try a newer release if you can and figure out why its not getting any
>> DNS
>>>> results back from the resolver.
>>>>
>>>> Amos
>>>>
>
>
-- Rick Chisholm sysadmin Parallel42 e. rchisholm_at_parallel42.ca m. 519-325-8630 w. www.parallel42.caReceived on Wed Aug 12 2009 - 02:12:34 MDT
This archive was generated by hypermail 2.2.0 : Thu Aug 13 2009 - 12:00:03 MDT