I think you should have a matching never_direct line.. Regards Henrik
George Dominguez wrote: > > Hello everyone, > > We have two type of users, those whom are allow direct access onto the > University of Queensland databases, and those whom need to validate them > self's. > > In order to achieve the above requirement, we created an acl rule set, the > "exeption-entries" file has the ip's range. > 10.1.1.4 is another redhat 8 squid proxy server, 10.1.1.4 nat's through the > firewall, and it's allowed direct access to the University of Queensland > databases. > > Here is the acl from my squid.conf: > > # If an IP is from the exception-entry list, then > # pass the request to 10.1.1.4 proxy server. > acl StaffNet src "/usr/local/squid/etc/exception-entries" > acl uqlib dstdomain .uq.edu.au > cache_peer 10.1.1.4 parent 3128 3130 > cache_peer_access 10.1.1.4 allow StaffNet uqlib > cache_peer_access 10.1.1.4 deny all > > It all works fine. With the exception that every now and then I get a phone > call from an exception user telling me that they were prompt to validate. > > In order to get around this issue, I run squid -k reconfigure and it all > works again, until, the next telephone call. > > Any ideas as to what could be making this service fail every now and then? > > Regards > George > > ===================================================== > Privileged/Confidential Information may be contained in this message. If > you are not the addressee (or responsible for delivery of the message to > the addressee), you may not copy or deliver this message to anyone. In such > a case, you should destroy this message and kindly notify the sender by > reply e-mail. Opinions, conclusions and other information in this message > that do not relate to the official business of my employer shall be > understood as neither given nor endorsed by it.
