This script was sent to me by [EMAIL PROTECTED] I have tried this script and I'm getting the same results.
http_port 3128 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 8 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 125000 KB minimum_object_size 0 KB maximum_object_size_in_memory 8 KB ipcache_size 1024 ipcache_low 90 ipcache_high 95 fqdncache_size 1024 cache_replacement_policy lru memory_replacement_policy lru cache_dir diskd /var/squid/cache 5000 16 256 access_log /usr/local/squid/var/logs/access.log cache_log /usr/local/squid/var/logs/cache.log cache_store_log /usr/local/squid/var/logs/store.log emulate_httpd_log off log_ip_on_direct on mime_table /usr/local/squid/etc/mime.conf log_mime_hdrs off pid_filename /usr/local/squid/var/logs/squid.pid debug_options ALL,1 log_fqdn off client_netmask 255.255.255.255 diskd_program /usr/local/squid/libexec/diskd unlinkd_program /usr/local/squid/libexec/unlinkd request_header_max_size 10 KB request_body_max_size 0 KB refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 quick_abort_min 16 KB quick_abort_max 16 KB quick_abort_pct 95 negative_ttl 5 minutes positive_dns_ttl 6 hours negative_dns_ttl 5 minutes range_offset_limit 0 KB connect_timeout 2 minutes peer_connect_timeout 30 seconds read_timeout 15 minutes request_timeout 5 minutes persistent_request_timeout 1 minute client_lifetime 1 day half_closed_clients on pconn_timeout 120 seconds acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access allow !Safe_ports http_access allow CONNECT !SSL_ports # acl our_networks src 10.10.30.0/24 http_access allow our_networks # http_access allow all http_reply_access allow all icp_access allow all miss_access allow all cache_mgr webmaster cache_effective_user nobody visible_hostname root unique_hostname root dns_testnames netscape.com internic.net nlanr.net microsoft.com logfile_rotate 31 memory_pools on memory_pools_limit 50 MB forwarded_for off store_avg_object_size 13 KB store_objects_per_bucket 20 #always_direct deny all #never_direct allow all #prefer_direct off snmp_port 3401 coredump_dir /usr/local/squid/var/cache client_persistent_connections on server_persistent_connections on
-------- Original Message -------- Subject: Re: [squid-users] Access Still DENIED Date: Wed, 15 Dec 2004 05:41:32 +0100 From: Lucio Jankok <[EMAIL PROTECTED]> To: TopGun Technician <[EMAIL PROTECTED]>
Let me see your squid.conf
On 12/14/04 2:10 PM, "Merton Campbell Crockett" <[EMAIL PROTECTED]> wrote:
On Mon, 13 Dec 2004, TopGun Technician wrote:
Does someone out their have the answer.
I am still getting access denied when trying to use Squid cache. I have added my network 10.10.30.0/24 to the acl and added the lines to allow access.
I have spent hours on this already and have tried all suggested from this forum. No luck yet.
Running Squid 2.5 stable on Suse 9.1 64 bit server. Server can access the Internet, user is created for squid group on server yet clients do not get web access when using proxy. Access denied.
Squid access controls are similar to CiscoIOS access-lists. The request is evaluated against the conditions in the list in order. The first true condition terminates the evaluation.
There are several access control lists in Squid, i.e. the never and always direct. These can produce unexpected results due to the order of evaluation. This should be in a FAQ.
Merton Campbell Crockett
