Re: Help with ACL from visolve cache on 2000-02-02 (squid-users)

From: visolve cache <visolve_cache@dont-contact.us>
Date: Wed, 2 Feb 2000 19:59:35 -0800 (PST)

--- squid <squid@sigmanet.hn> wrote:
> -- [ From: squid * EMC.Ver #2.5.02 ] --
>
> Hi to All.
>
> I upgraded my RedHat to v.6.1 and installed the
> Squid 2.2STABLE4.
>
> The access list I had running on the old version 2.1
> on RedHat 5.2 do not
> works with this new version, I have been trying to
> "fix" it, but cannot make
> it works.
>
> This is what I am trying to use:
>
> acl manager proto cache_object
> acl users src
> xxx.xxx.xxx.1-xxx.xxx.xxx.254/255.255.255.0 (this is
> my ip
> block)
> acl localhost src 127.0.0.1/255.255.255.255
> acl SSL_ports port 443 563
> acl Dangerous_ports 7 9 19 22 23 25 53 109 110 119
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> acl CONNECT method CONNECT
>
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> http_access deny Dangerous_ports
> http_access allow users
> http_access deny all
>
> #icp_access allow all
> #miss_access allow all
> #ident_lookup_access deny all
>
> When starting Squid, I get this errors:
>
> aclParseAclLine: Invalid ACL type ''7'
> squid.conf line 1027: http_access deny
> Dangerous_ports
> aclParseAccessLine: ACL name 'Dangerous_ports' not
> found
> squid.conf line 1027: http_access deny
> Dangerous_ports
> aclParseAccessLine: Access line contains no ACL's,
> skipping
> squid.conf line 1034: http_access deny all
> aclParseAccessLine: ACL name 'all' not found.
> squid.conf line 1034: http_access deny all
> aclParseAccessLine: Access line contains no ACL's,
> skipping
> squid.conf line 1906: icp_access deny all
> aclParseAccessLine: ACL name 'all' not found.
> squid.conf line 1906: icp_access deny all
> aclParseAccessLine: Access line contains no ACL's,
> skipping
> squid.conf line 1907: ident_lookup_access deny all
> aclParseAccessLine: ACL name 'all' not found.
> squid.conf line 1907: ident_lookup_access deny all
> aclParseAccessLine: Access line contains no ACL's,
> skipping
> squid.conf line 1908: snmp_access deny all
> aclParseAccessLine: ACL name 'all' not found.
> squid.conf line 1908: snmp_access deny all
> aclParseAccessLine: Access line contains no ACL's,
>
> The Squid starts, and can use it throught my ip's
> reported on acl users.
> Also I am confused because the squid.conf only has
> 1904 lines.
>
> Could someone please help me ?
>
> Thanks
> Rolando
>

Hi,
please go thro syntax.
acl aclname port 80 70 21 ...

You have given acl name correctly but missed acltype
'port'.
wrong
-----
acl Dangerous_ports 7 9 19 22 23 25 53 109 110 119

correct
-------
acl Dangerous_ports port 7 9 19 22 23 25 53 109 110
119

so replace that line alone in squid.conf. It will work.

=====
regards
visolve_cache
visolve.com
http://www.v-solve.com
__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com
Received on Wed Feb 02 2000 - 21:08:08 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:55 MST