squid-2.2STABLE5
I'm trying to set up squid behind a firewall. I've got the following:
cache_peer ourfw.foo.bar parent 8080 0 no-query default
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl INTERNAL src 123.123.123.0/24
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow INTERNAL
http_access deny all
This works for all http requests. But for https, I get an error "While
trying to retrieve some.host.com:443. Connection failed. System returned
(101) Network is unreachable."
I tried replacing the last 2 http_access lines above with:
never_direct allow all
as mentioned in the FAQ, but then I can't get to anything at all. Squid
report "Access denied" for everything. What am I doing wrong? This is how
the docs say to use never_direct.
Received on Wed Jan 19 2000 - 13:50:54 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:30 MST