Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Contribs.org Forums
  3. General Discussion
  4. Topic: Access https via port 543
« previous next »
Pages: [1]   Go Down

Access https via port 543

  • 3 Replies
  • 2582 Views

Offline OzMoosis

  • **
  • 46
  • +0/-0
Access https via port 543
« on: March 07, 2007, 02:39:20 PM »
Hi,

Since the update to SME 7.1.2 I have encountered this problem:

In 2 different locations I have 2 SME servers, one acts as gateway, the other is server-only. At the server-only location I have port 543 routed (through the ADSL modem there) to port 443 on the SME server. When I now try to access the server-manager at that location (https://www.xxx.com:543/server-manager) I get this error:

Access Denied.
Access control configuration prevents your request from being allowed at this time.

I have it set up like this beacause there are multiple HTTPS sites at the location in question.

Am I right in thinking that this is a Squid-thing, and if so how can I change the configuration to allow access through port 543?

Thanks,

Oz

(Sorry, put this in wrong forum...)
Logged

Offline bpivk

  • *
  • 908
  • +0/-0
    • http://www.bezigrad.com
Access https via port 543
« Reply #1 on: March 07, 2007, 04:22:01 PM »
This should work (i have found this using the search function). :)

Try this. Edit you /etc/squid/squid.conf file. On the acl SSL_ports line add 5443. Then do a
/etc/rc.d/rc7.d/S90squid restart

Try your connection. If it doesn't work, then try the same edit but on the acl Safe_ports line, and restart squid.

If one of the above options work, then go to
/etc/e-smith/templates/etc/squid/squid.conf and either edit 20ACL15SSL_ports or 20ACL15Safe_ports depending on which worked above.

Then do a /sbin/signal-event/expand-template
/etc/squid/squid.conf, then restart squid again and you will be in business.

If you'd rather use a templates-customer template you could do that as well. mkdir -p /etc/e-smith/templates-custom/etc/squid/squid.conf. Then copy one of the 2 20ACL files from above to this directory, make your changes, expand template, and restart squid.[/quote]
Logged
"It should just work" if it doesn't report it. Thanks!

Offline OzMoosis

  • **
  • 46
  • +0/-0
Access https via port 543
« Reply #2 on: March 07, 2007, 05:23:19 PM »
Thanks, bpivk,

worked perfectly! And good find by the way, I hadn't found this answer!!

Oz
Logged

Offline mrjhb3

  • *
  • 1,188
  • +0/-0
    • John Bennett Services
Access https via port 543
« Reply #3 on: March 08, 2007, 12:00:14 AM »
I've had to do the same thing recentry for some SSL_ports.  What would be better is if someone opened a NFR to have a SSLPorts DB entry added for squid.  The SafePorts are already there, so it shouldn't take much to add the SSLPorts

config show squid
squid=service
    EnforceSafePorts=no
    SafePorts=21,70,80,81,119,210,443,563,980,1024-65535
    TCPPort=3128
    TCPProxyPort=80:3128
    TransparentPort=3128
    access=private
    status=enabled


That way users could do - config setprop squid SSLPorts 443,10000 ; signal-event remoteaccess-update.

I may try to open the request myself in the next few days.

John
Logged
......
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Contribs.org Forums
  3. General Discussion
  4. Topic: Access https via port 543