Hi, i have been reading trough FAQ and mail archive about similar issues,
but can't find solution. I used Squid normaly, but when i change some ACL
rules i've got:
2006/11/16 02:41:14| ACL name 'all' not defined!
FATAL: Bungled squid.conf line 60: ident_lookup_access deny all
Squid Cache (Version 2.5.STABLE6): Terminated abnormally.
My squid is squid/2.5.STABLE6(istalled trough yum) on CentOS 4.3 OS, my
squid.conf is:
-----------------------------------------------
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
#acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl all_src src 0.0.0.0/0.0.0.0
acl all_dst dst 0.0.0.0/0.0.0.0
acl to_localhost dst 127.0.0.0/8
acl allowed_src_hosts src "/etc/squid/ACLValues/Allowed_src_Hosts.txt"
acl denied_dst_hosts dst "/etc/squid/ACLValues/Denied_dst_Hosts.txt"
acl Open_ports port "/etc/squid/ACLValues/Open_ports.txt"
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager all_src
# Deny requests to unknown ports
http_access deny !Open_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
# Allow http_access to localhost, deny to denied_dst_hosts and allow
allowed_src_hosts
http_access deny denied_dst_hosts
http_access allow localhost
http_access allow allowed_src_hosts
# And finally deny all other access to this proxy
http_access deny all_src
http_access allow all_dst
#Allow http_reply_access to all_src
http_reply_access allow all_src
#Allow icp_access to allowed_src_hosts
icp_access allow allowed_src_hosts
icp_access deny all_src
coredump_dir /var/spool/squid
-----------------------------------------------
The idea here is block "http_access" to hosts exept "allowed_src_hosts", to
deny "denied_dst_hosts" and other ports than "Open_ports", other rules are
default.
My Squid is 56 lines long and i don't use "all" ACL uniquename anywhere ( i
used in previous configs, now is commented and i use "all_src" instead). I
found it nonsense that squid drops: "FATAL: Bungled squid.conf line 60:
ident_lookup_access deny all", my file is 56 lines. What is happening
exactly?, i saw issues like this( with line number ) in other's question and
solution was something totally unrelated with parse error trown and line
specified in the error message(I don't use "ident_lookup_access deny all"
why is this mentioned?? in trown error). However when i uncomment the: "#acl
all src 0.0.0.0/0.0.0.0" line squid is working normaly. What is the cause of
this issue, can be the way the squid was compiled? or what?
Thanks for reading this!
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Received on Thu Nov 16 2006 - 17:39:21 MST
This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST