I have a Slackware 9.1 Kernel 2.4.22-grsec Proxy server that is not allowing
MS Win update to scan the Win 2K workstations inside my intranet.
For the first time that i set Proxy as transparent adding the follow line
inside my rc.firewall,
iptables -t nat -A PREROUTING -i $INT -p tcp --dport 80 -j REDIRECT
--to-port 3128
,Win update has worked, after that, seens like a win update page is still
in the cache. I created cache again and nothing. I put win update page as
no_cache and microsoft.com as always_direct as follow:
acl win urlpath_regex windowsupdate
no_cache deny win
acl sitewin dstdomain .microsoft.com
always_direct allow sitewin
and it still not working. In the troubleshoot page of win update the error
reported is from SSL connection, the SSL 443 port is opened to forward in
the firewall,
iptables -A FORWARD -i $INT -o $EXT -p tcp --dport 443 -j ACCEPT
and squid.conf is setting to allow SSL_ports
acl SSL_ports port 443 563
http_access deny CONNECT !SSL_ports
What can be happening?
Anybody can help me solving this problem?
Regards,
Marcos Andre Freitas
Project Manager
Linux Associates
Received on Thu Oct 02 2003 - 14:43:45 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:16 MST