And you added the deny BEFORE where you allow access?
Also check that "squid -k parse" do not return any errors in
squid.conf..
Regards
Henrik
On Thursday 13 June 2002 12:21, Frank Neumann wrote:
> Hi,
>
> that doesn't seem to work. The cache, which of course has a public
> IP address, still wants to retrieve a page like 172.16.1.2 from the
> public internet and correctly fails with 'connection timed out'.
> In the access log it says
>
> 1023962516.005 239538 a.b.c.d TCP_MISS/504 1026 GET
> http://172.16.1.2/ - NONE/- -
>
> Any other configuration pitfalls I may have trapped in? Yes, I gave
> 'squid -k reconfigure' to the cache after changing the acl.
>
>
> Another question regarding ftp uploads. It seems that ftp uploads
> fail depending on the size of the uploaded file (but that also may
> depend on the receiving server). request_body_max_size is set to 0.
> I find log entries as follows:
>
> 1023876297.000 909875 a.b.c.d TCP_MISS/000 0 PUT
> ftp://user@ip.of.ftp.server/uploadfile - DIRECT/ip.of.ftp.server -
>
> I never saw a HTTP return code 000 before. Any hints on that?
>
> Thanks,
> Frank
>
> Henrik Nordstrom wrote:
>
>
> > acl private_ip dst 192.168.0.0/16 ....
> > http_access deny private_ip
> > deny_info ERR_PRIVATE_IP private_ip
> >
> > And put your custom error message in errors/ERR_PRIVATE_IP
> >
> > Regards
> > Henrik
> >
> > Frank Neumann wrote:
> >
> > > Hi folks,
> > >
> > > I'd like to configure squid-2.4 to deny requests with private
> > > IP addresses in the URL and respond with a customized error
> > > message. How could such an acl look like? Any pointers are
> > > welcome.
> > > Thanks,
> > > Frank
Received on Thu Jun 13 2002 - 05:53:42 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:40 MST