Bonsoir,
j’utilise squid sur deban squeeze comme proxy.
Mon serveur utilise un portail captif avec un server dhcp configurer.
apres ma configuration je constate que mes clients ne peuvent pas afficher les site
sous la forme http mais seulement https fonctionne.
quelque ligne du fichié squid.conf
[code]#Recommended minimum configuration:
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
Example rule allowing access from your local networks.
Adapt to list your (internal) IP networks from where browsing
should be allowed
acl localnet src 10.1.0.0/24 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
acl lanhome src 10.1.0.0/255.255.255.0
#Default:
http_access deny all
#Recommended minimum configuration:
Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
Only allow purge requests from localhost
http_access allow purge localhost
http_access deny purge
Deny requests to unknown ports
#http_access deny !Safe_ports
Deny CONNECT to other than SSL ports
#http_access deny CONNECT !SSL_ports
We strongly recommend the following be uncommented to protect innocent
web applications running on the proxy server who think the only
one who can access services on “localhost” is a local user
#http_access deny to_localhost
INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
Example rule allowing access from your local networks.
Adapt localnet in the ACL section to list your (internal) IP networks
from where browsing should be allowed
http_access allow localnet
http_access allow localhost
http_access allow lanhome
And finally deny all other access to this proxy
http_access deny all
TAG: http_access2
Allowing or Denying access based on defined access lists
Identical to http_access, but runs after redirectors. If not set
then only http_access is used.
#Default:
