Webpage not displaying through Squid

I have a simple Squid installation with LDAP authentication at home as an internet filter for the family. Everything is working great except that when we try to go to http://www.webkinz.com, we only get a blank page. If I bypass Squid the page displays fine.

The access.log has the following entries:
Code:
1248659568.234     99 192.168.75.122 TCP_MISS/304 437 GET http://www.webkinz.com/ - DIRECT/66.114.49.63 -
1248659568.252      0 192.168.75.122 TCP_DENIED/403 2374 GET http://www.webkinz.com/assets/scripts/detectFlash.js - NONE/- text/html
1248659568.253      1 192.168.75.122 TCP_DENIED/403 2374 GET http://www.webkinz.com/assets/stylesheets/splash.css - NONE/- text/html
1248659568.254      1 192.168.75.122 TCP_DENIED/403 2380 GET http://www.webkinz.com/assets/scripts/detectCookies.js - NONE/- text/html

Can somebody help me understand what these entries mean and what I need to do to correct this problem?

Thanks in advance
 
What does 'Internet Filter' mean? It looks like this site is blacklisted by something used for the filtering. If I look at how the denying of these URLs takes place, I'd say that the word 'ass' is filtered by a word blacklist.
 
DutchDaemon,

Take "SOB" for example. I understand that if used in a blacklist it will filter words like sobrina or sobbing. That, I would expect and understand.

What you failed to read is that squid is not replaying with an "Access Denied" error page, it only provides a blank page. This doesn't seem normal filtering behavior for squid.

Something else, besides acl statements, seems to be going on here that I cannot figure out, and that's what I need help with.

Thanks in advance
 
I didn't fail to read "TCP_DENIED/403" in your access log, which is an "access denied" result code, whether an error page shows up or not. So the question remains: are you filtering on word lists?
 
Yes, I have a blacklist with a bunch of words but no one has any simmilarity to webkinz. Do you think Squid is filtering Flash or Javascript?
 
@mbr661: As mentioned, it's best to trust what you see in access.log (rather than necessarily relying on client behaviour). I just wrote up a quick tip on how to troubleshoot ACLs.

I'd recommend following the steps there to determine which access control entry you are matching (and being denied by).
 
Thank you both for your help, I did not have the word "ass" on the blacklist, but did have "/ass". Scanning the list missed it, but using the instructions from anomie picked it up.

I'm greatful for your time!!
 
Back
Top