[squid-users] Cache Manager denied access from Neil Loffhagen on 2005-05-18 (squid-users)

From: Neil Loffhagen <Neil.Loffhagen@dont-contact.us>
Date: Wed, 18 May 2005 09:11:33 -0000

Hi,

We have Squid running successfully, but are having trouble getting
access to the cache manger, to see what's happening. Squid is running
on one box and Apache2 on another box. When we type in the IP address
of the Squid box to access the cache on it we keep getting:

The following error was encountered:

* Access Denied.

Access control configuration prevents your request from being
allowed at this time. Please contact your service provider if you feel
this is incorrect.

Have read various web pages and the Squid book to try and sort this, but
whatever changes we make in the squid.conf file nothing works. Have
copied the relevant parts of the squid.conf file. The IP address of the
Apache2 server is 10.182.64.123. The Squid IP is 10.182.65.226. We are
usng port 3128 for Squid and apache2. Could that be the problem?

So the question is what am I missing the cal or http_access lines?

Any help much appreciated.

Neil.

acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl all src 0.0.0.0/0.0.0.0
acl cachemgr src 10.182.64.123/255.255.255.255
acl bbclocal 10.182.0.0/255.255.0.0

acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access allow manager cachemgr
http_access deny manager
http_access allow bbclocal
http_access deny all
http_access deny !Safe_ports
http_access allow CONNECT SSL_ports

acl bbc_networks src 10.182.0.0/16 192.168.0.0/16 192.168.1.0/24
192.168.2.0/24 192.168.3.0/24 192.168.4.0/24 192.168
.5.0/24 192.168.6.0/24

http_access allow bbc_networks

http_access deny all

http://www.bbc.co.uk/

This e-mail (and any attachments) is confidential and may contain
personal views which are not the views of the BBC unless specifically
stated.
If you have received it in error, please delete it from your system.
Do not use, copy or disclose the information in any way nor act in
reliance on it and notify the sender immediately. Please note that the
BBC monitors e-mails sent or received.
Further communication will signify your consent to this.
Received on Wed May 18 2005 - 03:11:42 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:03 MDT