Why confused?
Becuase this morning I discovered that the word causing "access denied" is "Pene"; this word is contained in acl "bad_word_content_type":
acl bad_word_content_type url_regex -i sesso culo culi tette nudo nuda seno seni PENE cazzo cazzi teen figa webtv streaming tvgratis
Reading log you can see:
2006/11/16 12:41:44| The request GET http://www.comune.milano.it/webcity/portale/homepage.nsf/wAll/DSEV-6TTJV2/$file/banner_vialomellina2.gif is ALLOWED, because it matched 'DomainUsers'
2006/11/16 12:41:44| The reply for GET http://www.comune.milano.it/webcity/portale/homepage.nsf/wAll/DSEV-6TTJV2/$file/banner_vialomellina2.gif is ALLOWED, because it matched 'all'
2006/11/16 12:41:44| The request GET http://www.comune.milano.it/webcity/portale/homepage.nsf/wAll/DSEV-6VKNZM/$file/banner_dirittiinfanzia.gif is ALLOWED, because it matched 'DomainUsers'
2006/11/16 12:41:44| The reply for GET http://www.comune.milano.it/webcity/portale/homepage.nsf/wAll/DSEV-6VKNZM/$file/banner_dirittiinfanzia.gif is ALLOWED, because it matched 'all'
2006/11/16 12:41:44| The request GET http://www.comune.milano.it/webcity/portale/homepage.nsf/wAll/DSEV-6VDMS9/$file/multe1.gif is DENIED, because it matched 'Proxy_Internet_Ts'
2006/11/16 12:41:44| The reply for GET http://www.comune.milano.it/webcity/portale/homepage.nsf/wAll/DSEV-6VDMS9/$file/multe1.gif is ALLOWED, because it matched 'Proxy_Internet_Ts'
2006/11/16 12:41:44| The request GET http://www.comune.milano.it/webcity/portale/homepage.nsf/wAll/DSEV-6TDA43/$file/mozart.gif is DENIED, because it matched 'Proxy_Internet_Ts'
2006/11/16 12:41:44| The reply for GET http://www.comune.milano.it/webcity/portale/homepage.nsf/wAll/DSEV-6TDA43/$file/mozart.gif is ALLOWED, because it matched 'Proxy_Internet_Ts'
2006/11/16 12:41:44| The request GET http://www.comune.milano.it/home/css/home.css is ALLOWED, because it matched 'DomainUsers'
..............
..............
Is possibile to have in access.log "blocked by bad_word_content_type" acl? Or something similar?
Reading log I see ALLOWED,DENY,ALLOWED,DENY....but this didn't help me. Also because, for example, "DENIED, because it matched 'Proxy_Internet_Ts'" apparently doesn't have any sense (at least in this case)
Thanks
-----Messaggio originale-----
Da: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Inviato: giovedì 16 novembre 2006 18.07
A: Reale Marco
Cc: squid-users@squid-cache.org
Oggetto: Re: [squid-users] Squid: What is wrong in myacl????
tor 2006-11-16 klockan 16:59 +0100 skrev Reale Marco:
> I'll briefly try to explain:
> 1) visiting www.comune.milano.it the user/credential pop-up was shown
> to me I tried to increase debug_option but it didn't help me because
> log was confused
In what sense was it confused?
"The request .. is DENIED because it matched acl XXX" says the last acl on the http_access line which denied access. or the first encountered acl requiring authentication if the request was not authenticated.
"The reply for .." lines says what happened in http_reply_access.
Regards
Henrik
Received on Fri Nov 17 2006 - 01:15:46 MST
This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST
