[squid-users] Access to local news server

Hi,

I have 2 squid machines running as cache-peers, with one (the 'iproxy')
forwarding requests to the other (the 'oproxy'). I'm trying to setup a
news server on the oproxy that can be accessed by users inside the LAN
using desproxy (http://desproxy.sourceforge.net/) to tunnel it through
the iproxy. However when I run desproxy and try to connect to the news
server I get this:

Connection request from 192.168.1.186, port 41450
Connecting to http proxy (iproxy:3128)
Server: squid/2.5.STABLE3
Mime-Version: 1.0
Date: Wed, 07 Dec 2005 05:57:09 GMT
Content-Type: text/html
Content-Length: 1089
Expires: Wed, 07 Dec 2005 05:57:09 GMT
X-Squid-Error: ERR_ACCESS_DENIED 0
X-Cache: MISS from oproxy.registriesltd.com.au
Proxy-Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html;
charset=iso-8859-1">
<TITLE>ERROR: The requested URL could not be retrieved</TITLE>
<STYLE
type="text/css"><!--BODY{background-color:#ffffff;font-family:verdana,sans-serif}PRE{font-family:sans-serif}--></STYLE>
</HEAD><BODY>
<H1>ERROR</H1>
<H2>The requested URL could not be retrieved</H2>
<HR noshade size="1px">
<P>
While trying to retrieve the URL:
<A HREF="oproxy:119">oproxy:119</A>
<P>
The following error was encountered:
<UL>
<LI>
<STRONG>
Access Denied.
</STRONG>
<P>
Access control configuration prevents your request from
being allowed at this time. Please contact your service provider if
you feel this is incorrect.
</UL>
<P>Your cache administrator is <A
HREF="mailto:webmaster@registriesltd.com.au">webmaster@registriesltd.com.au</A>.

<BR clear="all">
<HR noshade size="1px">
<ADDRESS>
Generated Wed, 07 Dec 2005 05:57:09 GMT by oproxy.registriesltd.com.au
(squid/2.5.STABLE3)
</ADDRESS>
</BODY></HTML>
connect_host_to_proxy: ERROR
Connection #0: end of connection

It seems that the squid on oproxy is denying access to the news server
that runs on that machine. Here's my squid.conf from oproxy:

ftp_user webmaster@registriesltd.com.au
cache_mgr webmaster@registriesltd.com.au
cache_mem 128 MB
maximum_object_size 20480 KB
maximum_object_size_in_memory 64 KB
cache_dir ufs /var/spool/squid 2048 32 512
# Allow CONNECT to SSL (and a few special) ports
acl SSL_ports port 22 443 563 873 5050 5190 5222 5223
http_access allow CONNECT SSL_ports
# Allow CONNECT to NNTP
acl NNTP_port port 119 dst 10.20.10.2
http_access allow CONNECT nntp_port
# Other common ACLs
#http_access deny to_localhost
acl iproxy src 10.20.10.0/24
acl iproxy2 src 10.70.10.0/24
http_access allow iproxy
http_access allow iproxy2

# Server settings
visible_hostname oproxy.registriesltd.com.au
http_port 10.20.10.2:3128

# Default DENY
http_access allow localhost
http_access deny all

-- 
Tim Edwards
Systems Administrator
REGISTRIES LTD
ABN 14 003 209 836
Phone: 92909610
IMPORTANT INFORMATION
This email may contain privileged or confidential information.  If you 
are not the intended recipient, or a person
responsible for delivering this email to the intended recipient, you 
should not disseminate, review, disclose,
distribute or copy the contents of this email or any attachments. In 
this case, please immediately notify the
sender by reply email, then delete this message and any attachments from 
your system.
Unencrypted emails transmitted over public networks are not private 
communications, and therefore content integrity
and confidentiality cannot be guaranteed. Emails may also be lost, 
destroyed, or arrive late.  It is understood
that opinions, conclusions and other information in this message that do 
not relate to the official business of
Registries Limited, are neither given nor endorsed.