Search squid archive

Re: [squid-users] Access denied

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

the ACL all is defined like

acl all src 0.0.0.0/0.0.0.0

I have never changed anything with this ACL.

What is funny, is that we have to Squidboxes, that are both configured the
same, and only one has this problem. (And 3 weeks ago both were fine...)

Regards
Stefan




                                                                           
             Henrik Nordstrom                                              
             <hno@squid-cache.                                             
             org>                                                       To 
                                       Stefan.Vogel@xxxxxxxxx              
             10.05.2005 14:24                                           cc 
                                       Henrik Nordstrom                    
                                       <hno@xxxxxxxxxxxxxxx>,              
                                       squid-users@xxxxxxxxxxxxxxx         
                                                                   Subject 
                                       Re: [squid-users] Access denied     
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           






On Tue, 10 May 2005 Stefan.Vogel@xxxxxxxxx wrote:

> Hello,
>
> I tried and get this in access.log
> 172.25.9.90 - - [10/May/2005:11:55:34 +0200] "GET http://www.heise.de/
> HTTP/1.1" 407 1802 TCP_DENIED:NONE
> 172.25.9.90 - vogels [10/May/2005:11:55:41 +0200] "GET
http://www.heise.de/
> HTTP/1.1" 403 1381 TCP_DENIED:NONE
>
> and this in cache.log
> 2005/05/10 11:55:34| The request GET http://www.heise.de/ is DENIED,
> because it matched 'inet_users'
> 2005/05/10 11:55:34| The reply for GET http://www.heise.de/ is ALLOWED,
> because it matched 'all'
> 2005/05/10 11:55:41| The request GET http://www.heise.de/ is DENIED,
> because it matched 'all'
> 2005/05/10 11:55:41| The reply for GET http://www.heise.de/ is ALLOWED,
> because it matched 'all'
>
> in squid.conf I have
> ....
> http_access allow inet_users
> ...
> http_access deny all
> ...
>
> the acl inet_users is the ldap-group-helper, and of course I am in that
> group.
>
> I don't understand why there is ALLOWED because it matches ALL...

Don't worry, its the http_reply_access check (hinted by "The reply for
...." in the debug message)

More interesting is the "The request GET http://www.heise.de/ is DENIED,"
line.. how is the acl "all" defined in your config?

Regards
Henrik



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux