[squid-users] cache_object denied

Thu, 03 Jun 2010 16:23:08 -0700 

Dear all
i would like to use squidclient in order to get informations from squid 3.1.4 

but squid does not want to accept connexions:


mail - - [03/Jun/2010:19:03:05 -0400] "GET cache_object://127.0.0.1/info 
HTTP/1.0" 407 3451 TCP_DENIED:NONE
mail - - [03/Jun/2010:19:03:05 -0400] "GET 
cache_object://127.0.0.1/counters HTTP/1.0" 407 3467 TCP_DENIED:NONE


here is is my config , what's wrong ? :



auth_param basic program /usr/lib/squid3/squid_ldap_auth -b 
"dc=my-domain,dc=com" -D "cn=admin,dc=my-domain,dc=com" -w ***** -f 
"(&(objectClass=userAccount)(uid=%s))" -v 3 -h 127.0.0.1

#--------- GLOBAL

external_acl_type ldap_group %LOGIN /usr/lib/squid3/squid_ldap_group -D 
"cn=admin,dc=my-domain,dc=com" -w ****** -b "dc=my-domain,dc=com"  -f 
"(&(objectClass=posixGroup)(gidNumber=%a)(memberUid=%v))" -S -v 3 -h 
127.0.0.1

auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
acl ldapauth proxy_auth REQUIRED
http_access allow ldapauth
auth_param basic credentialsttl 2 hour
authenticate_ttl 1 hour
authenticate_ip_ttl 60 seconds

acl malware_block_list url_regex -i "/etc/squid3/malwares.acl"
acl blockedsites url_regex "/etc/squid3/squid-block.acl"
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/32
acl CONNECT method CONNECT
acl manager proto cache_object
acl office_network src 192.168.1.0/24
acl group_password external ldap_group



acl Safe_ports port 80  #http
acl Safe_ports port 21  #ftp
acl Safe_ports port 22  #ssh
acl Safe_ports port 443 563     #https, snews
acl Safe_ports port 1863        #msn
acl Safe_ports port 70  #gopher
acl Safe_ports port 210 #wais
acl Safe_ports port 1025-65535  #unregistered ports
acl Safe_ports port 280 #http-mgmt
acl Safe_ports port 488 #gss-http
acl Safe_ports port 591 #filemaker
acl Safe_ports port 777 #multiling http
acl Safe_ports port 631 #cups
acl Safe_ports port 873 #rsync
acl Safe_ports port 901 #SWAT#
http_access allow localhost
http_access allow manager localhost
http_access deny malware_block_list
http_access deny blockedsites
http_access allow ldapauth
http_access allow group_password
http_access allow office_network
http_access deny !Safe_ports
http_access deny all


best regards






















					Reply via email to