Hi,
I can't put the access rules above the acl definition if that was what you meant. but incase that isn't what you meant.. i did re-order it a bit and this is what i have now.. still no access.
FYI, i'm trying to access it using the cache manager cgi which runs on the same server
root_at_proxy:~# !gre
grep -e ^acl -e ^http_acc /etc/squid3/squid.conf
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl westhants proxy_auth REQUIRED
acl westhants-network src 192.168.11.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow westhants
http_access allow localhost
http_access allow westhants-network
http_access allow manager localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
-- Jeff MacDonald jeff_at_terida.com 902 880 7375 On 2012-05-02, at 12:28 PM, Eliezer Croitoru wrote: > On 02/05/2012 17:37, Jeff MacDonald wrote: >> Hi, >> >> I've seen this similar issue for a lot of people around the web, and have tried my best to debug my access rules. >> >> The error message I get is : >> >> 1335968823.335 8 127.0.0.1 TCP_DENIED/407 2201 GET cache_object://localhost/ jeff_at_bignose.ca NONE/- text/html >> >> I'm pretty sure I'm missing something miniscule, but need help finding it. >> >> Here are my access rules in my squid.conf > > try to move the access rules of the manager to the top and move down the auth access rule > > http_access allow manager localhost > http_access allow manager example > http_access allow westhants > > by the way how are you trying to access the cache_object? > using squidclient ? > i'm using the basic config files on opensuse 12.1 with squid 3.1.16 and it seems to work like that. > sample : > squidclient cache_object://localhost/client_list > > Eliezer > >> >> root_at_proxy:/etc/squid3# grep -e ^acl -e ^http_acc /etc/squid3/squid.conf >> acl manager proto cache_object >> acl localhost src 127.0.0.1/32 >> acl example src 192.168.11.16/32 >> acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 >> acl westhants proxy_auth REQUIRED >> http_access allow westhants >> http_access allow manager localhost >> http_access allow manager example >> http_access deny all >> acl westhants-network src 192.168.11.0/24 >> acl SSL_ports port 443 >> acl Safe_ports port 80 # http >> acl Safe_ports port 21 # ftp >> acl Safe_ports port 443 # https >> acl Safe_ports port 70 # gopher >> acl Safe_ports port 210 # wais >> acl Safe_ports port 1025-65535 # unregistered ports >> acl Safe_ports port 280 # http-mgmt >> acl Safe_ports port 488 # gss-http >> acl Safe_ports port 591 # filemaker >> acl Safe_ports port 777 # multiling http >> acl CONNECT method CONNECT >> http_access deny !Safe_ports >> http_access deny CONNECT !SSL_ports >> http_access allow localhost >> http_access allow westhants-network >> http_access deny all >> >> Thanks! >> >> -- >> Jeff MacDonald >> jeff_at_terida.com >> 902 880 7375 >> > > > -- > Eliezer Croitoru > https://www1.ngtech.co.il > IT consulting for Nonprofit organizations > eliezer <at> ngtech.co.ilReceived on Wed May 23 2012 - 18:45:24 MDT
This archive was generated by hypermail 2.2.0 : Sun May 27 2012 - 12:00:04 MDT