I created the squid.conf file for a server and my squid server was
running ok. When I switched to a different computer and tried to
authenticate everything stopped working and all I get is this:
While trying to retrieve the URL: http://www.google.com/
The following error was encountered:
Cache Access Denied.
Sorry, you are not currently allowed to request:
http://www.google.com/
from this cache until you have authenticated yourself.
Please keep in mind that I'm building an anonymous proxy service so
that's why the "Paranoid anonymize" headers. Here's my squid config:
http_port 8888
visible_hostname weezie
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl ncsa_users proxy_auth REQUIRED
# No local caching
maximum_object_size 0 KB
minimum_object_size 0 KB
# No local log
cache_access_log /dev/null
cache_store_log /dev/null
acl ip1 myip x.37.196.188
acl ip2 myip x.37.196.189
acl ip3 myip x.37.196.190
acl ip4 myip x.37.196.191
acl ip5 myip x.213.223.188
acl ip6 myip x.213.223.189
acl ip7 myip x.213.223.190
acl ip8 myip x.213.223.191
tcp_outgoing_address x.37.196.188 ip1
tcp_outgoing_address x.37.196.189 ip2
tcp_outgoing_address x.37.196.190 ip3
tcp_outgoing_address x.37.196.191 ip4
tcp_outgoing_address x.213.223.188 ip5
tcp_outgoing_address x.213.223.189 ip6
tcp_outgoing_address x.213.223.190 ip7
tcp_outgoing_address x.213.223.191 ip8
acl user1 proxy_auth ciokan
acl user2 proxy_auth ciokan
acl user3 proxy_auth ciokan
acl user4 proxy_auth ciokan
acl user5 proxy_auth ciokan
acl user6 proxy_auth ciokan
acl user7 proxy_auth ciokan
acl user8 proxy_auth ciokan
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny !ncsa_users
http_access allow ncsa_users
http_access allow ip1
http_access allow ip2
http_access allow ip3
http_access allow ip4
http_access allow ip5
http_access allow ip6
http_access allow ip7
http_access allow ip8
http_access deny all
icp_access deny all
ident_lookup_access deny all
# no forwarded quite useless for an anonymizer
forwarded_for off
# no client stat
client_db off
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
#
# Paranoid anonymize
header_access Allow allow all
header_access Authorization allow all
header_access Cache-Control allow all
header_access Content-Encoding allow all
header_access Content-Length allow all
header_access Content-Type allow all
header_access Date allow all
header_access Expires allow all
header_access Host allow all
header_access If-Modified-Since allow all
header_access Last-Modified allow all
header_access Location allow all
header_access Pragma allow all
header_access Accept allow all
#header_access Charset allow all
header_access Accept-Encoding allow all
header_access Accept-Language allow all
header_access Content-Language allow all
header_access Mime-Version allow all
header_access Retry-After allow all
header_access Title allow all
header_access Connection allow all
header_access Proxy-Connection allow all
header_access All deny all
strip_query_terms on
cache_dir null /tmp
hosts_file /etc/hosts
coredump_dir /var/spool/squid
Please let me know if you spot anything wrong. I appreciate your
attention. Thanks.
Received on Sat Feb 13 2010 - 22:18:21 MST
This archive was generated by hypermail 2.2.0 : Sun Feb 14 2010 - 12:00:05 MST