Hi everybody,Hello,I just installed Squid/2.3.STABLE4 and SquidGuard (1.1.4 - Berkeley DB 2.7.7) on a PC (Mandrake Single Network Firewall 7.2, kernel 2.2).
The configuration is made with a web front end (from Mandrake), so the squid.conf and squidGuard.conf should be good (see below).
But when I try to acces an URL (from another computer of my LAN) with my web browser (well configured to talk to the proxy), I always get the answer :The requested URL could not be retrieved
The following error was encountered: Access Denied.
Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
Your cache administrator is root.
Generated Thu, 11 Oct 2001 14:59:59 GMT by proxy1.geomath.fr (Squid/2.3.STABLE4)SquidGuard is not running in emergency mode, the log file doesn't seem to report an error.
The different files and directories (/var/log/squidGuard, /usr/share/squidGuard-1.1.4/db, /etc/squid/squidGuard.conf ...) are owned by user/group squid/squid
If I use Squid without SquidGuard, I can acces the proxy (and so the web) correctly.
I found a solution to my problem (Mandrake problem ?), but first I want to thank all the persons who tried to help me (Florin, Alberto, Fabrice ...).
On a Mandrake Single Network Firewall 7.2, the configuration of Squid
and SquidGuard is made from a web interface (remote access), so the configuration
files (squid.conf and squidGuard.conf) don't need to be manipulated manually
(they are overwriten if you restart Squid anyway).
All the rules you enter in SquidGuard (with the help of the interface)
are stored in the database (/usr/share/squidGuard-1.1.4/db). But when you
specifie the network allowed to use the proxy, it should be passed also
as an ACL to Squid (squid.conf), which deny all http access by default.
This is not done, so all the request fail (Squid access denied). I don't
know if it is a bug from the Mandrake distribution or a problem on the
owner of squid.conf : this file is created when you start Squid (with the
front end) and it's owned by the root. After, when you enter the rules
in SquidGuard, the file is not rewriten, and the current user is "squid". The
modifications are only available in the database ...
The solution I found is to add my authorized network in squid.conf
(acl my_network src 192.168.10.0/24 and http_access allow my_network).
But like I said previously, the configuration files are rewriten (from
a template and from the database) when Squid is restarted, so the modifications
are not definitive. Finally, the solution is to add the network in the
template file from which squid.conf is created : /usr/share/naat/templates/etc/squid/squid.conf.
Maybe my problem will help someone
-- __________________________________________ Frédéric FOURCHON administrateur système
email : [EMAIL PROTECTED] 232, avenue Napoleon Bonaparte 92502 Rueil Malmaison, FRANCE
