RE: [squid-users] Access Denied error?

From: <Ryan_James@dont-contact.us>
Date: Mon, 7 Apr 2003 14:21:17 -0400

 I see what you mean. It seems I could change the line to be:

> http_access deny all

or remove all the "http_access" lines. I don't really understand the logic
here, but I could try it.

How do I stop and start the process without rebooting the server?

-Jim

-----Original Message-----
From: Kevin D. Alford
To: Ryan_James@emc.com; squid-users@squid-cache.org
Sent: 4/7/03 10:01 AM
Subject: Re: [squid-users] Access Denied error?

> "jtpr" <spam@jimryan.com wrote in message
> news:<b6f01i$4gioj$1@ID-181664.news.dfncis.de...
> I set up a simple web page on my Linux box, but when I try and
connect to
> it
> from the outside I get:
>
> While trying to retrieve the URL: http://myurl/
>
> The following error was encountered:
>
> a.. Access Denied.
> Access control configuration prevents your request from being
allowed at
> this time. Please contact your service provider if you feel this is
> incorrect.
>
> This is my squid.conf...
>
>
> http_port 3128
> acl local-servers dstdomain mydomain.com
> always_direct allow local-servers
> cache_mem 64 MB
> cache_dir /usr/local/squid/cache 500 16 256
> hierarchy_stoplist cgi-bin ?
> debug_options ALL,1
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl all src 0.0.0.0/0.0.0.0
> acl SSL_ports port 443 563
> acl Dangerous_ports port 7 9 19
> acl CONNECT method CONNECT
> http_access deny manager !localhost
> http_access deny CONNECT !SSL_ports
> http_access deny Dangerous_ports
> http_access allow all
> icp_access allow all
> miss_access allow all
> dns_testnames internic.net usc.edu cs.colorado.edu mit.edu yale.edu
> minimum_direct_hops 4
> connect_timeout 10 seconds
> maximum_single_addr_tries 10
> httpd_accel_host virtual
>
> Jim
>
>
I think the last line regarding http_access should read:
http_access deny all. The squid configuration guide states "If none of
the
"access" lines cause a match, the default is the opposite of the last
line
in the list".

http://squid.visolve.com/squid24s1/access_controls.htm#http_access

I am new at this, but this may solve your problem. Good luck!

Kevin D. Alford
Sr. Linux/UNIX Engineer
800.636.1188
Received on Mon Apr 07 2003 - 12:22:02 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:44 MST