It seems the access control lists of squid are buggy.
My server is running Red Hat 5.0, kernel 2.0.33, with
squid 1.1.20(however, the squid binary was not compiled with
glibc2. It was link to the old libc).
I have the following setting in my squid.conf
acl localhost src 127.0.0.1/255.255.255.255
acl all src 0.0.0.0/0.0.0.0
acl localdomain srcdomain localhost
acl trinovaip src 203.66.166.0/24
acl trinovadomain srcdomain trinova.com.tw
http_access allow localhost
http_access allow localdomain
http_access allow trinovaip
http_access allow trinovadomain
However, when I tried to use lynx to browse the Red Hat homepage,
some urls are OK, while others are access DENIED!
The access_log gave:
890789677.244 72 localhost TCP_HIT/200 55893 GET
http://www.redhat.com/suppo
rt/docs/rhl/manual/manual/doc000.html - NONE/- text/html
890789684.436 18 localhost TCP_DENIED/400 507 GET
http://www.redhat.com/supp
ort/docs/rhl/manual/manual/doc042.html - NONE/- -
What's wrong??
Another problem. If I put the four http_access lines into one line:
http_access allow localhost localdomain trinovaip trinovadomain
All the clients from my LAN were DENIED!
890790594.182 13 cwhuang.trinova.com.tw TCP_DENIED/400 472 GET
http://www.re
dhat.com/redhat/ - NONE/- -
I had to split it into four lines to avoid this problem.
(Though it is still buggy for 'localhost')
Are there bugs of squid? Or it's my fault...?
Please reply to my email address, since I'm not in the list! Thanks!
-- C.W.HuangReceived on Tue Mar 24 1998 - 18:07:52 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:39:27 MST