On 2013-11-21 04:39, Mark Redding wrote:
Hello all,
I run the network for a UK boarding school (1000 pupils and around 400
staff) and use a combination of squid and dansguardian to provide time
controlled and filtered web access for all users. From time to time a
number of users have reported receiving squid access denied messages -
though if they try accessing the same site a minute or two later they
get through to it without any issue. Is anyone able to shed light on
the
condition under which a TCP_DENIED/403 message may be returned by squid
(apart from the obvious acl based ones).
My configuration is thus :
FreeBSD 8.3-RELEASE-p3 amd64 running squid-3.1.19
I suggest upgrading to 3.3 release before going any further with this.
The old series have a few very strange bugs in auth behaviour which are
fixed by a large overhaul in recent releases (you could end up putting a
lot of time and effort in before finding the simple upgrade fixes your
issue).
Amos