Hi,
Everything looks like it should work. Can you set debug_options to 28,9
and send the debug out from cache.log. I have essentially the same setup
as you do and when I try
telnet localhost 3128
CONNECT somehost:80 HTTP/1.0
[note the extra newline here]
I get:
2001/07/17 08:49:34| aclCheckFast: list: 0x81c75d0
2001/07/17 08:49:34| aclMatchAclList: checking all
2001/07/17 08:49:34| aclMatchAcl: checking 'acl all src 0.0.0.0/0.0.0.0'
2001/07/17 08:49:34| aclMatchIp: '127.0.0.1' found
2001/07/17 08:49:34| aclMatchAclList: returning 1
2001/07/17 08:49:45| aclCheck: checking 'http_access allow manager localhost'
2001/07/17 08:49:45| aclMatchAclList: checking manager
2001/07/17 08:49:45| aclMatchAcl: checking 'acl manager proto cache_object'
2001/07/17 08:49:45| aclMatchAclList: returning 0
2001/07/17 08:49:45| aclCheck: checking 'http_access deny manager'
2001/07/17 08:49:45| aclMatchAclList: checking manager
2001/07/17 08:49:45| aclMatchAcl: checking 'acl manager proto cache_object'
2001/07/17 08:49:45| aclMatchAclList: returning 0
2001/07/17 08:49:45| aclCheck: checking 'http_access deny !Safe_ports'
2001/07/17 08:49:45| aclMatchAclList: checking !Safe_ports
2001/07/17 08:49:45| aclMatchAcl: checking 'acl Safe_ports port 80 81 21 443 563 70 210 1025-65535'
2001/07/17 08:49:45| aclMatchAclList: returning 0
2001/07/17 08:49:45| aclCheck: checking 'http_access deny CONNECT !SSL_ports'
2001/07/17 08:49:45| aclMatchAclList: checking CONNECT
2001/07/17 08:49:45| aclMatchAcl: checking 'acl CONNECT method CONNECT'
2001/07/17 08:49:45| aclMatchAclList: checking !SSL_ports
2001/07/17 08:49:45| aclMatchAcl: checking 'acl SSL_ports port 443 563 8082'
2001/07/17 08:49:45| aclMatchAclList: returning 1
2001/07/17 08:49:45| aclCheck: match found, returning 0
2001/07/17 08:49:45| aclCheckCallback: answer=0
which clearly shows "http_access deny CONNECT !SSL_ports" doing its job.
Colin
Received on Mon Jul 16 2001 - 17:15:48 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:08 MST