I think you should have a matching never_direct line..
Regards
Henrik
George Dominguez wrote:
>
> Hello everyone,
>
> We have two type of users, those whom are allow direct access onto the
> University of Queensland databases, and those whom need to validate them
> self's.
>
> In order to achieve the above requirement, we created an acl rule set, the
> "exeption-entries" file has the ip's range.
> 10.1.1.4 is another redhat 8 squid proxy server, 10.1.1.4 nat's through the
> firewall, and it's allowed direct access to the University of Queensland
> databases.
>
> Here is the acl from my squid.conf:
>
> # If an IP is from the exception-entry list, then
> # pass the request to 10.1.1.4 proxy server.
> acl StaffNet src "/usr/local/squid/etc/exception-entries"
> acl uqlib dstdomain .uq.edu.au
> cache_peer 10.1.1.4 parent 3128 3130
> cache_peer_access 10.1.1.4 allow StaffNet uqlib
> cache_peer_access 10.1.1.4 deny all
>
> It all works fine. With the exception that every now and then I get a phone
> call from an exception user telling me that they were prompt to validate.
>
> In order to get around this issue, I run squid -k reconfigure and it all
> works again, until, the next telephone call.
>
> Any ideas as to what could be making this service fail every now and then?
>
> Regards
> George
>
> =====================================================
> Privileged/Confidential Information may be contained in this message. If
> you are not the addressee (or responsible for delivery of the message to
> the addressee), you may not copy or deliver this message to anyone. In such
> a case, you should destroy this message and kindly notify the sender by
> reply e-mail. Opinions, conclusions and other information in this message
> that do not relate to the official business of my employer shall be
> understood as neither given nor endorsed by it.
Received on Wed Mar 19 2003 - 02:02:38 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:08 MST