cache_object denied

David Touzeau <david@xxxxxxxxxx> · Fri, 04 Jun 2010 01:22:56 +0200

Dear all

i would like to use squidclient in order to get informations from squid 
3.1.4

but squid does not want to accept connexions:

mail - - [03/Jun/2010:19:03:05 -0400] "GET cache_object://127.0.0.1/info 
HTTP/1.0" 407 3451 TCP_DENIED:NONE
mail - - [03/Jun/2010:19:03:05 -0400] "GET 
cache_object://127.0.0.1/counters HTTP/1.0" 407 3467 TCP_DENIED:NONE

here is is my config , what's wrong ? :

auth_param basic program /usr/lib/squid3/squid_ldap_auth -b 
"dc=my-domain,dc=com" -D "cn=admin,dc=my-domain,dc=com" -w ***** -f 
"(&(objectClass=userAccount)(uid=%s))" -v 3 -h 127.0.0.1
#--------- GLOBAL
external_acl_type ldap_group %LOGIN /usr/lib/squid3/squid_ldap_group -D 
"cn=admin,dc=my-domain,dc=com" -w ****** -b "dc=my-domain,dc=com"  -f 
"(&(objectClass=posixGroup)(gidNumber=%a)(memberUid=%v))" -S -v 3 -h 
127.0.0.1
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
acl ldapauth proxy_auth REQUIRED
http_access allow ldapauth
auth_param basic credentialsttl 2 hour
authenticate_ttl 1 hour
authenticate_ip_ttl 60 seconds

acl malware_block_list url_regex -i "/etc/squid3/malwares.acl"
acl blockedsites url_regex "/etc/squid3/squid-block.acl"
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/32
acl CONNECT method CONNECT
acl manager proto cache_object
acl office_network src 192.168.1.0/24
acl group_password external ldap_group

acl Safe_ports port 80	#http
acl Safe_ports port 21	#ftp
acl Safe_ports port 22	#ssh
acl Safe_ports port 443 563	#https, snews
acl Safe_ports port 1863 	#msn
acl Safe_ports port 70	#gopher
acl Safe_ports port 210	#wais
acl Safe_ports port 1025-65535	#unregistered ports
acl Safe_ports port 280	#http-mgmt
acl Safe_ports port 488	#gss-http
acl Safe_ports port 591	#filemaker
acl Safe_ports port 777	#multiling http
acl Safe_ports port 631	#cups
acl Safe_ports port 873	#rsync
acl Safe_ports port 901	#SWAT#
http_access allow localhost
http_access allow manager localhost
http_access deny malware_block_list
http_access deny blockedsites
http_access allow ldapauth
http_access allow group_password
http_access allow office_network
http_access deny !Safe_ports
http_access deny all

best regards