Re: SQUID DENIES EVERYONE from Clement on 1999-07-20 (squid-users)

From: Clement <clement@dont-contact.us>
Date: Wed, 21 Jul 1999 11:17:18 +1000

Thank you very much for your offer to help. This is really a strange
situation.

As confirmed by the attached extract of the general runtime information,
generated by the squid itself through the cachemgr.cgi, all are allowed
in all accesses. There is no problem at all with the ACL.

I recompile and reinstall over the existing the squid to no success.

Then I remove the entire squid directory, recompile and reinstall,
bingo, it works now.

Maciej Kozinski wrote:
>
> Clement:
> > x.x.x.9. This new squid suddenly denies all accesses. This persists
> > even after I reboot the box several times. And even after I renumber
> > it back to x.x.x.20!
> >
> > Before I quit, I reconfigure it to allow access to all. This is an
> > extract from cache manager's General Runtime Information:
> >
> > ...
> > http_access Allow all
> > icp_access Allow all
> > miss_access Allow all
> > proxy_auth_realm Squid proxy-caching web server
> > ident_lookup_access Deny all
> > cache_mgr webmaster
> > cache_effective_user squid
> > cache_effective_group squid
> > ...
> >
> > The http_access, icp_access and miss_access lines are the only "Allow"
> > lines in the entire configuration list. The "Deny" lines are listed
> > below:
> >
> > ...
> > no_cache Deny QUERY
> > ...
> > ident_lookup_access Deny all
> > ...
> > uri_whitespace deny
> > ...
> >
> > As you may expect, the squid is still denying access to everyone. Do
> > you have a clue?
> >
>
> Don't know what exactly happened. Try to make telnet to your squid box at the
> squid's port to check out the squid is really running, not respawning and
> closing all the time. Assuming your http_port is 3130 you should make this:
>
> telnet localhost 3130
>
> and check out for establishing connection. If it is runninng, your problem could
> be bad ACL setup.
>
> Then you should look at:
> /usr/local/squid/squid.out
> /usr/local/squid/logs/cache.log
> /usr/local/squid/logs/access.log
>
> BTW: is that allowed to use capitals in "allow" and "deny" in acls?
>
> Regards,
> Maciej
>
> --
> Maciej Kozinski http://www.uck.uni.torun.pl/~maciek/
> Remember: Un*x _IS_ user friendly... It's just selective about
> who it's friends are.

-- 
Regards
Clement

Received on Tue Jul 20 1999 - 19:03:28 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:47:28 MST