[SQU] TCP_DENIED/403 error

From: Chee Seng Toh <chee.seng.toh@dont-contact.us>
Date: Wed, 17 Jan 2001 22:12:14 +0800


I have a need to tunnel across a proxy server for some test ...

on the server, I can make a successful test
979694422.527 15177 TCP_MISS/000 39 CONNECT localhost:443 -
DIRECT/localhost -
(extract from access.log)

but if I try from a remote client, I get errors
979744098.392 232 TCP_DENIED/403 997 CONNECT <IP_address
of svr>.2:3128 - NONE/- -
979744134.431 111 TCP_DENIED/403 995 CONNECT <IP_address
of svr>.2:443 - NONE/- -

my simple acl as:

acl all src
acl manager proto cache_object
acl localhost src
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

#Default configuration:
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
#http_access deny CONNECT !SSL_ports
http_access deny CONNECT !Safe_ports

http_access allow CONNECT
http_access allow all
http_access deny all

icp_access allow all
#miss_access allow all

I have tried leaving only http_access allow all or only http_access deny
all (one at a time) but still could not get a positive result. Can anyone
spot the unintentional error? Please help, thanks.

Chee Seng

To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Wed Jan 17 2001 - 11:37:24 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:29 MST