RE: [squid-users] Access Denied error?

Squid is apparently running on port 80 on this concierge server. Any
attempts to connect to port 80 ends up in your Squid.

If you are running a transparent proxy then you probably have forgot to
add rules to not send requests intended for the server itself to the
proxy..

Regards
Henrik

tis 2003-04-08 klockan 14.52 skrev Ryan_James@emc.com:
> I'm confused. Yes, concierge is my server, and it is running
> Squid-2.2.STABLE5. So maybe I'm completly unclear as to the purpose of
> Squid. I thought it was an outbound caching program. But evidently it
> prohibits access to a webserver as well? I really hate to be stupid about
> this but could somebody explain to me the realtionship between Squid and
> Apache?
>
> My server is set up as the router between my LAN and the internet
> (Internet-->Cable Modem-->Concierge-->LAN). It is running Squid and Apache.
> Can I not do this? Do I just need to turn Squid off? That's another thing.
> I kill Squid, the process goes away for about 15 seconds, then reappears.
>
> Go easy here, I have read (some of) the documentation, but evedently I'm
> missing something of a more global nature.
>
> -Jim
> -----Original Message-----
> From: Henrik Nordstrom
> To: Ryan_James@emc.com
> Cc: squid-users@squid-cache.org
> Sent: 4/7/03 5:27 PM
> Subject: Re: [squid-users] Access Denied error?
>
> The page says:
>
>
> While trying to retrieve the URL: http://68.169.216.51/
>
> The following error was encountered:
>
> Access Denied.
>
> Generated Mon, 07 Apr 2003 22:11:42 GMT by concierge (Squid/2.2.STABLE5)
>
>
>
> Unless this concierge server is your server and you run
> Squid-2.2.STABLE5 on it this is not your problem but how it should
> be... probably a proxy server without a firewall but with proper access
> controls and not a web server at all.
>
> Regards
> Henrik
>
>
>
> Ryan_James@emc.com wrote:
> >
> > I'm beginning to really wonder what the heck is going on here. I
> shutdown
> > the squid process, try connecting to the site, and I get the same
> error
> > back. How can that be if squid is not even running? Could somebody
> go to
> > the web page and tell me if I'm barking up the wrong tree, is this a
> squid
> > problem at all?
> >
> > The page is at: http://68.169.216.51/
> >
> > -Jim
> >
> > -----Original Message-----
> > From: Frederico Madeira [mailto:fred@farmaciadospobres.com.br]
> > Sent: Monday, April 07, 2003 2:46 PM
> > To: Ryan_James@emc.com; kalford@dandy.net; squid-users@squid-cache.org
> > Subject: Re: [squid-users] Access Denied error?
> >
> > You may enter in shell:
> >
> > If you want to restart the squid service you enter the folow:
> > /etc/init.d/squid reload
> >
> > If you want stop
> > /etc/init.d/squid stop
> >
> > If you want start
> > /etc/init.d/squid start
> >
> > Frederico Madeira
> > Coordenador de Suporte
> > N. Landim Comércio Ltda
> > PABX: 81. 3497.3029
> > e-mail: fred@farmaciadospobres.com.br
> >
> > ----- Original Message -----
> > From: <Ryan_James@emc.com>
> > To: <kalford@dandy.net>; <Ryan_James@emc.com>;
> <squid-users@squid-cache.org>
> > Sent: Monday, April 07, 2003 3:21 PM
> > Subject: RE: [squid-users] Access Denied error?
> >
> > > I see what you mean. It seems I could change the line to be:
> > >
> > > > http_access deny all
> > >
> > > or remove all the "http_access" lines. I don't really understand
> the
> > logic
> > > here, but I could try it.
> > >
> > > How do I stop and start the process without rebooting the server?
> > >
> > > -Jim
> > >
> > > -----Original Message-----
> > > From: Kevin D. Alford
> > > To: Ryan_James@emc.com; squid-users@squid-cache.org
> > > Sent: 4/7/03 10:01 AM
> > > Subject: Re: [squid-users] Access Denied error?
> > >
> > >
> > > > "jtpr" <spam@jimryan.com wrote in message
> > > > news:<b6f01i$4gioj$1@ID-181664.news.dfncis.de...
> > > > I set up a simple web page on my Linux box, but when I try and
> > > connect to
> > > > it
> > > > from the outside I get:
> > > >
> > > > While trying to retrieve the URL: http://myurl/
> > > >
> > > > The following error was encountered:
> > > >
> > > > a.. Access Denied.
> > > > Access control configuration prevents your request from being
> > > allowed at
> > > > this time. Please contact your service provider if you feel this
> is
> > > > incorrect.
> > > >
> > > > This is my squid.conf...
> > > >
> > > >
> > > > http_port 3128
> > > > acl local-servers dstdomain mydomain.com
> > > > always_direct allow local-servers
> > > > cache_mem 64 MB
> > > > cache_dir /usr/local/squid/cache 500 16 256
> > > > hierarchy_stoplist cgi-bin ?
> > > > debug_options ALL,1
> > > > acl manager proto cache_object
> > > > acl localhost src 127.0.0.1/255.255.255.255
> > > > acl all src 0.0.0.0/0.0.0.0
> > > > acl SSL_ports port 443 563
> > > > acl Dangerous_ports port 7 9 19
> > > > acl CONNECT method CONNECT
> > > > http_access deny manager !localhost
> > > > http_access deny CONNECT !SSL_ports
> > > > http_access deny Dangerous_ports
> > > > http_access allow all
> > > > icp_access allow all
> > > > miss_access allow all
> > > > dns_testnames internic.net usc.edu cs.colorado.edu mit.edu
> yale.edu
> > > > minimum_direct_hops 4
> > > > connect_timeout 10 seconds
> > > > maximum_single_addr_tries 10
> > > > httpd_accel_host virtual
> > > >
> > > > Jim
> > > >
> > > >
> > > I think the last line regarding http_access should read:
> > > http_access deny all. The squid configuration guide states "If none
> of
> > > the
> > > "access" lines cause a match, the default is the opposite of the
> last
> > > line
> > > in the list".
> > >
> > > http://squid.visolve.com/squid24s1/access_controls.htm#http_access
> > >
> > > I am new at this, but this may solve your problem. Good luck!
> > >
> > >
> > > Kevin D. Alford
> > > Sr. Linux/UNIX Engineer
> > > 800.636.1188
> > >

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden