[squid-users] Access Still DENIED

From: TopGun Technician <tech1@dont-contact.us>
Date: Tue, 14 Dec 2004 22:51:40 -0600

This script was sent to me by scott@sphalen.com. I have tried this script and I'm getting the same results.

http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 8 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 125000 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 8 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy lru
memory_replacement_policy lru
cache_dir diskd /var/squid/cache 5000 16 256
access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
emulate_httpd_log off
log_ip_on_direct on
mime_table /usr/local/squid/etc/mime.conf
log_mime_hdrs off
pid_filename /usr/local/squid/var/logs/squid.pid
debug_options ALL,1
log_fqdn off
client_netmask 255.255.255.255
diskd_program /usr/local/squid/libexec/diskd
unlinkd_program /usr/local/squid/libexec/unlinkd
request_header_max_size 10 KB
request_body_max_size 0 KB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 5 minutes
range_offset_limit 0 KB
connect_timeout 2 minutes
peer_connect_timeout 30 seconds
read_timeout 15 minutes
request_timeout 5 minutes
persistent_request_timeout 1 minute
client_lifetime 1 day
half_closed_clients on
pconn_timeout 120 seconds
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow !Safe_ports
http_access allow CONNECT !SSL_ports
#
acl our_networks src 10.10.30.0/24
http_access allow our_networks
#
http_access allow all
http_reply_access allow all
icp_access allow all
miss_access allow all
cache_mgr webmaster
cache_effective_user nobody
visible_hostname root
unique_hostname root
dns_testnames netscape.com internic.net nlanr.net microsoft.com
logfile_rotate 31
memory_pools on
memory_pools_limit 50 MB
forwarded_for off
store_avg_object_size 13 KB
store_objects_per_bucket 20
#always_direct deny all
#never_direct allow all
#prefer_direct off
snmp_port 3401
coredump_dir /usr/local/squid/var/cache
client_persistent_connections on
server_persistent_connections on

-------- Original Message --------
Subject: Re: [squid-users] Access Still DENIED
Date: Wed, 15 Dec 2004 05:41:32 +0100
From: Lucio Jankok <lj@2u2.nu>
To: TopGun Technician <tech1@topguntelecom.com>

Let me see your squid.conf

On 12/14/04 2:10 PM, "Merton Campbell Crockett" <mcc@CATO.GD-AIS.COM> wrote:

> On Mon, 13 Dec 2004, TopGun Technician wrote:
>
>> Does someone out there have the answer?
>>
>> I am still getting access denied when trying to use Squid cache. I have
>> added my network 10.10.30.0/24 to the acl and added the lines to allow
>> access.
>>
>> I have spent hours on this already and have tried all suggested from this
>> forum. No luck yet.
>>
>> Running Squid 2.5 stable on Suse 9.1 64 bit server. Server can access the
>> Internet, user is created for squid group on server yet clients do not get
>> web access when using proxy. Access denied.
>
> Squid access controls are similar to CiscoIOS access-lists. The request
> is evaluated against the conditions in the list in order. The first true
> condition terminates the evaluation.
>
> There are several access control lists in Squid, i.e. the never and always
> direct. These can produce unexpected results due to the order of
> evaluation. This should be in a FAQ.
>
> Merton Campbell Crockett
>
Received on Tue Dec 14 2004 - 21:52:29 MST
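
Added example, not part of the original thread and not Squid's own code: a simplified Python model of the first-match evaluation described in the quoted reply, run over the http_access lines from the posted squid.conf. It assumes only the src, port, method and proto ACL types, writes the netmasks in CIDR form, and uses a hypothetical request dictionary.

```python
import ipaddress

# ACL definitions copied from the posted squid.conf (netmasks rewritten as CIDR).
ACLS = {
    "all":          ("src", ["0.0.0.0/0"]),
    "manager":      ("proto", ["cache_object"]),
    "localhost":    ("src", ["127.0.0.1/32"]),
    "SSL_ports":    ("port", ["443", "563"]),
    "Safe_ports":   ("port", ["80", "21", "443", "563", "70", "210",
                              "1025-65535", "280", "488", "591", "777"]),
    "CONNECT":      ("method", ["CONNECT"]),
    "our_networks": ("src", ["10.10.30.0/24"]),
}

# http_access lines in the order they appear in the posted file.
RULES = [
    "allow manager localhost",
    "deny manager",
    "allow !Safe_ports",
    "allow CONNECT !SSL_ports",
    "allow our_networks",
    "allow all",
]

def acl_matches(name, req):
    """True if the (hypothetical) request dict satisfies the named ACL."""
    kind, values = ACLS[name]
    if kind == "src":
        ip = ipaddress.ip_address(req["src"])
        return any(ip in ipaddress.ip_network(v) for v in values)
    if kind == "port":
        for v in values:
            lo, _, hi = v.partition("-")          # "1025-65535" or a single port
            if int(lo) <= req["port"] <= int(hi or lo):
                return True
        return False
    return req[kind] in values                    # method / proto: exact match

def evaluate(req, rules=RULES):
    """Return (action, deciding_line); the first line whose ACLs all match wins."""
    action = None
    for line in rules:
        action, *names = line.split()
        # ACLs on one line are ANDed; a leading "!" negates that ACL.
        if all(acl_matches(n.lstrip("!"), req) != n.startswith("!") for n in names):
            return action, line
    # No line matched: Squid applies the opposite of the last line's action.
    return ("deny" if action == "allow" else "allow"), None
```

Calling evaluate() with a client in 10.10.30.0/24 returns the line that decided the request, which is the first thing to check when a later "allow" never seems to take effect.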
