On Mon, 30 Jul 2007 15:56:11 +0200 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> wrote: > > The weird thing is, if I manually configure Firefox to access the > > Web via localhost:3128, it works fine, no matter whether I use the > > "transparent" keyword or not. The ACL rule that allows localhost is > > in effect in this case, since if I change > > It's not so strange. When intercepted the source ip for the request is > your real IP, not localhost... That's what I thought... > > However, adding a rule like this: > > > > acl ME src 1.2.3.4 > > http_access allow ME > > > > doesn't help at all. > > Make sure you add it before the "deny all".. http_access rules is > order sensitive.. Thanks for your suggestion, but like I said, still no luck. access.log sample when trying to access google.com: 1185804381.874 0 192.144.46.78 TCP_DENIED/403 1450 GET http://www.google.com/ - NONE/- text/html 1185804381.950 92 192.144.46.78 TCP_MISS/403 1598 GET http://www.google.com/ - DIRECT/64.233.183.147 text/html (assuming 192.144.46.78 is my IP -- it's not, of course) The ACL rule in the squid.conf is definitely before the "http_access deny all" line: ----------------------------------------------------------- # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS acl ME src 192.144.46.78 http_access allow ME # Example rule allowing access from your local networks. Adapt # to list your (internal) IP networks from where browsing should # be allowed #acl our_networks src 192.168.1.0/24 192.168.2.0/24 #http_access allow our_networks http_access allow localhost # And finally deny all other access to this proxy http_access deny all ----------------------------------------------------------- Any other ideas? Andrei PS: By the way, I just put debug_options ALL,1 33,2 into the config, and now the cache log says: 2007/07/30 17:22:20| The reply for GET http://www.google.com/ is ALLOWED, because it matched 'QUERY' 2007/07/30 17:22:25| The request GET http://www.google.com:80/ is ALLOWED, because it matched 'ME' ...while the access.log still says access denied, and so does the browser! How come? I also noticed that cache log has this warning: 2007/07/30 13:23:36| WARNING: Forwarding loop detected for: Client: 192.144.46.78 http_port: 69.65.107.188:80 Could this warning be related to the problem I'm having?