RE: [squid-users] ACL problem

> -----Original Message-----
> From: Christoph Haas [mailto:email@christoph-haas.de]
> Sent: Thursday, December 08, 2005 2:29 AM
> To: squid-users@squid-cache.org
> Subject: Re: [squid-users] ACL problem
>
>
> On Thursday 08 December 2005 11:25, Marc-Christian Petersen wrote:
> > On Thursday 08 December 2005 11:11, Christoph Haas wrote:
> >
> > Hi Christoph,
> >
> > > > acl privhosts src 10.130.10.100/255.255.255.255 and it won't work
> > > > also. Turned on full debugging and cache.log tells me that above ip
> > > > is not matching at all.
> > > > Any idea? I had squid 2.5stable1 or so running and it worked, now
> > > > updated to 2.5stable12 and it won't. Anything changed?
> > >
> > > You don't tell what problem you have exactly.
> >
> > oops, yes. The problem is, I have to authenticate to squid when I come
> > from 10.130.10.100 or 10.130.10.109.
> >
> > http_access allow privhosts is before everything else, so it shouldn't
> > happen.
>
> Even though you fixed the double declaration of the "privhosts" ACL?
>

For what it's worth, declaring an ACL name more than once is not a problem, as long as the same ACL type is used. See Safe_ports for an example. On the other hand, the way it was done here may very well cause a problem, as the hostname "localhost" is used for the first declaration. Try changing that line to "acl privhosts src 127.0.0.1", or removing that line and adding 127.0.0.1 to proxy.priv and see if your problem is resolved.

Chris
Received on Thu Dec 08 2005 - 11:13:10 MST