Search squid archive

Access denials following Machine name change

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

setup: Gentoo linux (kernel 2.6.15)
       squid-2.5.12

Following a recent name change to the HOST squid runs on, I continue
to get odd access denials after having carefully gone thru the squid
config files I found  only one  place where the old HOST name
appeared.  `visible_hostname' and of course changed that.

I've also rm 'ed the old /var/cache/squid with:
  rm -rf /var/cache/squid/*

And rebuilt it with a restart of squid.

Still I get denials at places where I didn't before and example might
be loging into an online banking session.

I'm able to get to the bank but get denied when I attempt to login:
  
    While trying to retrieve the URL: www.corusbankhb.com:443
  
  The following error was encountered:
  
      * Access Denied.
  
        Access control configuration prevents your request from being
        allowed at this time. Please contact your service provider if
        you feel this is incorrect.
  
  Your cache administrator is root.
  
  Generated Thu, 02 Mar 2006 12:12:56 GMT by reader.local.lan
  (squid/2.5.STABLE12)

The last line shows the correct host name.
Prior to the rename this didn't happen.

Squid.conf details:

grep -v '^#\|^$' /etc/squid/squid.conf

  hierarchy_stoplist cgi-bin ?
  acl QUERY urlpath_regex cgi-bin \?
  no_cache deny QUERY
  auth_param basic children 5
  auth_param basic realm Squid proxy-caching web server
  auth_param basic credentialsttl 2 hours
  auth_param basic casesensitive off
  refresh_pattern ^ftp:		1440	20%	10080
  refresh_pattern ^gopher:	1440	0%	1440
  refresh_pattern .		0	20%	4320

  acl all src 0.0.0.0/0.0.0.0
  acl manager proto cache_object
  acl localhost src 127.0.0.1/255.255.255.255
  acl to_localhost dst 127.0.0.0/8
  acl SSL_ports port 443 563
  acl Safe_ports port 80		# http
  acl Safe_ports port 21		# ftp
  acl Safe_ports port 443 563	# https, snews
  acl Safe_ports port 70		# gopher
  acl Safe_ports port 210		# wais
  acl Safe_ports port 1025-65535	# unregistered ports
  acl Safe_ports port 280		# http-mgmt
  acl Safe_ports port 488		# gss-http
  acl Safe_ports port 591		# filemaker
  acl Safe_ports port 777		# multiling http
  acl Safe_ports port 901		# SWAT
  acl purge method PURGE
  acl CONNECT method CONNECT

  http_access allow manager localhost
  http_access deny manager
  http_access allow purge localhost
  http_access deny purge
  http_access deny !Safe_ports
  http_access deny CONNECT !SSL_ports
  acl our_networks src 192.168.0.0/24
  http_access allow our_networks
  http_access allow localhost
  http_access deny all
  http_reply_access allow all
  icp_access allow all
  visible_hostname reader.local.lan
  forwarded_for off
  coredump_dir /var/cache/squid
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux