On Tue, 10 May 2005 Stefan.Vogel@xxxxxxxxx wrote:
Hello,
I tried and get this in access.log 172.25.9.90 - - [10/May/2005:11:55:34 +0200] "GET http://www.heise.de/ HTTP/1.1" 407 1802 TCP_DENIED:NONE 172.25.9.90 - vogels [10/May/2005:11:55:41 +0200] "GET http://www.heise.de/ HTTP/1.1" 403 1381 TCP_DENIED:NONE
and this in cache.log 2005/05/10 11:55:34| The request GET http://www.heise.de/ is DENIED, because it matched 'inet_users' 2005/05/10 11:55:34| The reply for GET http://www.heise.de/ is ALLOWED, because it matched 'all' 2005/05/10 11:55:41| The request GET http://www.heise.de/ is DENIED, because it matched 'all' 2005/05/10 11:55:41| The reply for GET http://www.heise.de/ is ALLOWED, because it matched 'all'
in squid.conf I have .... http_access allow inet_users ... http_access deny all ...
the acl inet_users is the ldap-group-helper, and of course I am in that group.
I don't understand why there is ALLOWED because it matches ALL...
Don't worry, its the http_reply_access check (hinted by "The reply for ...." in the debug message)
More interesting is the "The request GET http://www.heise.de/ is DENIED," line.. how is the acl "all" defined in your config?
Regards Henrik
