On 02/05/2012 17:37, Jeff MacDonald wrote:
Hi,
I've seen this similar issue for a lot of people around the web, and have tried my best to debug my access rules.
The error message I get is :
1335968823.335 8 127.0.0.1 TCP_DENIED/407 2201 GET cache_object://localhost/ jeff@xxxxxxxxxx NONE/- text/html
I'm pretty sure I'm missing something miniscule, but need help finding it.
Here are my access rules in my squid.conf
try to move the access rules of the manager to the top and move down the
auth access rule
http_access allow manager localhost
http_access allow manager example
http_access allow westhants
by the way how are you trying to access the cache_object?
using squidclient ?
i'm using the basic config files on opensuse 12.1 with squid 3.1.16 and
it seems to work like that.
sample :
squidclient cache_object://localhost/client_list
Eliezer
root@proxy:/etc/squid3# grep -e ^acl -e ^http_acc /etc/squid3/squid.conf
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl example src 192.168.11.16/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl westhants proxy_auth REQUIRED
http_access allow westhants
http_access allow manager localhost
http_access allow manager example
http_access deny all
acl westhants-network src 192.168.11.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow westhants-network
http_access deny all
Thanks!
--
Jeff MacDonald
jeff@xxxxxxxxxx
902 880 7375
--
Eliezer Croitoru
https://www1.ngtech.co.il
IT consulting for Nonprofit organizations
eliezer <at> ngtech.co.il
