Hello Henrik, Thanks for the quick response! In my acl list I added: acl our_networks src 192.168.50.0/24 and for the follow_x_forwarded_for I added: follow_x_forwarded_for allow our_networks and then further down I added: http_access allow our_networks But I am still seeing the 'Denied Access' page in my browser. Maybe I misunderstood you, but do those look ok? Thanks -Dean -----Original Message----- From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] Sent: Wednesday, November 15, 2006 10:38 PM To: Dean Searle Cc: squid-users@xxxxxxxxxxxxxxx Subject: Re: Squid, Dansguardian and follow_x_forwarded_for ons 2006-11-15 klockan 21:33 -0500 skrev Dean Searle: > first cache after the user. When I use 'follow_x_forwarded_for allow > localhost' or 'follow_x_forwarded_for allow all' and then try to access > google.com it comes up with an Access Denied page from Squid, but my web > log from sarg does show the proper IP coming through, but only denied. Check your http_access rules. When using follow_x_forwarded_for the src acl will match the original source IP. To restrict direct Squid access tell Squid to only listen on localhost (127.0.0.1:3128). Regards Henrik ________________________________ avast! Antivirus <http://www.avast.com> : Outbound message clean. Virus Database (VPS): 0649-0, 11/15/2006 Tested on: 11/15/2006 11:48:32 PM avast! - copyright (c) 1988-2006 ALWIL Software.
