RE: [squid-users] Access Denied error?

From: Kevin D. Alford <kalford@dont-contact.us>
Date: Tue, 8 Apr 2003 14:09:00 GMT

> I'm beginning to really wonder what the heck is going on here. I shutdown
> the squid process, try connecting to the site, and I get the same error
> back. How can that be if squid is not even running? Could somebody go to
> the web page and tell me if I'm barking up the wrong tree, is this a squid
> problem at all?
>
> The page is at: http://68.169.216.51/
>
> -Jim
>
> -----Original Message-----
> From: Frederico Madeira [mailto:fred@farmaciadospobres.com.br]
> Sent: Monday, April 07, 2003 2:46 PM
> To: Ryan_James@emc.com; kalford@dandy.net; squid-users@squid-cache.org
> Subject: Re: [squid-users] Access Denied error?
>
>
> You may enter in shell:
>
> If you want to restart the squid service you enter the folow:
> /etc/init.d/squid reload
>
> If you want stop
> /etc/init.d/squid stop
>
> If you want start
> /etc/init.d/squid start
>
>
>
>
> Frederico Madeira
> Coordenador de Suporte
> N. Landim Comércio Ltda
> PABX: 81. 3497.3029
> e-mail: fred@farmaciadospobres.com.br
>
> ----- Original Message -----
> From: <Ryan_James@emc.com>
> To: <kalford@dandy.net>; <Ryan_James@emc.com>; <squid-users@squid-cache.org>
> Sent: Monday, April 07, 2003 3:21 PM
> Subject: RE: [squid-users] Access Denied error?
>
>
> > I see what you mean. It seems I could change the line to be:
> >
> > > http_access deny all
> >
> > or remove all the "http_access" lines. I don't really understand the
> logic
> > here, but I could try it.
> >
> > How do I stop and start the process without rebooting the server?
> >
> > -Jim
> >
> > -----Original Message-----
> > From: Kevin D. Alford
> > To: Ryan_James@emc.com; squid-users@squid-cache.org
> > Sent: 4/7/03 10:01 AM
> > Subject: Re: [squid-users] Access Denied error?
> >
> >
> > > "jtpr" <spam@jimryan.com wrote in message
> > > news:<b6f01i$4gioj$1@ID-181664.news.dfncis.de...
> > > I set up a simple web page on my Linux box, but when I try and
> > connect to
> > > it
> > > from the outside I get:
> > >
> > > While trying to retrieve the URL: http://myurl/
> > >
> > > The following error was encountered:
> > >
> > > a.. Access Denied.
> > > Access control configuration prevents your request from being
> > allowed at
> > > this time. Please contact your service provider if you feel this is
> > > incorrect.
> > >
> > > This is my squid.conf...
> > >
> > >
> > > http_port 3128
> > > acl local-servers dstdomain mydomain.com
> > > always_direct allow local-servers
> > > cache_mem 64 MB
> > > cache_dir /usr/local/squid/cache 500 16 256
> > > hierarchy_stoplist cgi-bin ?
> > > debug_options ALL,1
> > > acl manager proto cache_object
> > > acl localhost src 127.0.0.1/255.255.255.255
> > > acl all src 0.0.0.0/0.0.0.0
> > > acl SSL_ports port 443 563
> > > acl Dangerous_ports port 7 9 19
> > > acl CONNECT method CONNECT
> > > http_access deny manager !localhost
> > > http_access deny CONNECT !SSL_ports
> > > http_access deny Dangerous_ports
> > > http_access allow all
> > > icp_access allow all
> > > miss_access allow all
> > > dns_testnames internic.net usc.edu cs.colorado.edu mit.edu yale.edu
> > > minimum_direct_hops 4
> > > connect_timeout 10 seconds
> > > maximum_single_addr_tries 10
> > > httpd_accel_host virtual
> > >
> > > Jim
> > >
> > >
> > I think the last line regarding http_access should read:
> > http_access deny all. The squid configuration guide states "If none of
> > the
> > "access" lines cause a match, the default is the opposite of the last
> > line
> > in the list".
> >
> > http://squid.visolve.com/squid24s1/access_controls.htm#http_access
> >
> > I am new at this, but this may solve your problem. Good luck!
> >
> >
> > Kevin D. Alford
> > Sr. Linux/UNIX Engineer
> > 800.636.1188
> >
>

I hope you made a copy of the original squid.conf file. move the original
copy back to squid.conf, and edit that file to allow all. Once you
establish that you do have access, then edit the file one line at a time to
determine what is preventing your access from working.

Kevin D. Alford
Sr. Linux/UNIX Engineer
800.636.1188
Received on Tue Apr 08 2003 - 08:09:59 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:51 MST