Re: [squid-users] "src" access rule not working

From: Christoph Haas <email@dont-contact.us>
Date: Thu, 12 Jan 2006 15:55:41 +0100

On Wednesday 11 January 2006 23:28, Ted Ritchie wrote:
> I have what should be a very simple addition that I am trying to make to
> my squid.conf file. I must be overlooking something rather obvious and
> would appreciate it if someone would point me in the right direction. I
> am trying to make it so that I can allow access through the squid server
> to specific IP address (See the comment with all the ****s in my config
> file). So I added the necessary acl http_access commands and reloaded
> the system, but no luck. In fact I have been hacking away at this for
> several hours now and I am not making any progress. Any pointers would
> be greatly appreciated.
>
> acl Allowed_Linux_Servers_To_Outside src 192.168.10.48/255.255.255.255
> [...]
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow Allowed-Domains
> http_access allow Allowed_IPs
> http_access deny Blocked_Ad_Servers
> http_access allow Webmail_Block_Bypass
> http_access deny Blocked_Webmail_Servers
> http_access deny Blocked_Other_Servers
> http_access allow Allowed_Linux_Servers_To_Outside
> http_access allow Full_Internet_Access
> http_access deny all

Is the server in question really coming from the IP 192.168.10.48? Is the
IP shown in the access.log? (by the way: the "/255.255.255.255" is
superfluous)

Perhaps even another ACL matches although you don't want that. Try to set
"debug_options ALL,1 33,2", reload Squid and watch the cache.log to see
which ACL match.

 Christoph

P.S.: Ted, apologies for the double-reply.

-- 
Never trust a system administrator who wears a tie and suit.
Received on Thu Jan 12 2006 - 07:56:02 MST

This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST