[squid-users] ACL and localhost problems

From: Calvin Smith <calvins@dont-contact.us>
Date: Wed, 7 Aug 2002 15:02:36 -0700

I have searched the list archives and can not find out why my setup doesn't
seem to work. The problem I am having is I am denied access when I use the
following squid.conf:

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
#
http_access allow localhost
#
http_access deny all

If I remove the localhost and allow all or if I add authentication and only
allow authenticated users everything works OK.
I am running this on FreeBSD 4.4 and squid 2.4. I think I must be missing
something simple and so maybe another set of eyes will see it.

Thanks
Received on Wed Aug 07 2002 - 16:02:21 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:33 MST