Find the answer to your Linux question:
Results 1 to 3 of 3
OK, first off I'm new to this so I'm not familiar with all you guy's lingo. More details is always better. It would seem as though Squid is denying everything, ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Oct 2004
    Posts
    4

    Squid is denying everything (on a fresh install)


    OK, first off I'm new to this so I'm not familiar with all you guy's lingo. More details is always better.

    It would seem as though Squid is denying everything, even when I specifically set it to allow local connectivity. To get it to work, my http_access looks like this:

    Code:
    # http_access allow manager localhost
    # http_access deny manager
    # http_access deny !Safe_ports
    # http_access deny CONNECT !SSL_ports
    # http_access deny to_localhost
    # acl our_networks src 192.168.0.0/24
    # http_access allow our_networks
    http_access allow all
    Yes, I know this thing is wide-open, but it's the only way to get it to work. My network is on a 192.168.0.x IP scheme, and the subnet whateverthehellyoucallit is 255.255.255.0. Logically, I would think this would work, since my entire network is on the "white list":

    Code:
    # http_access allow manager localhost
    # http_access deny manager
    # http_access deny !Safe_ports
    # http_access deny CONNECT !SSL_ports
    # http_access deny to_localhost
    acl our_networks src 192.168.0.0/24
    http_access allow our_networks
    http_access deny all
    But it doesn't work. All I get is a simple "Access Denied."

    What gives? This seems to defy logic!

  2. #2
    Linux Engineer jledhead's Avatar
    Join Date
    Oct 2004
    Location
    North Carolina
    Posts
    1,077
    Quote Originally Posted by sac_tagg
    OK, first off I'm new to this so I'm not familiar with all you guy's lingo. More details is always better.

    It would seem as though Squid is denying everything, even when I specifically set it to allow local connectivity. To get it to work, my http_access looks like this:

    Code:
    # http_access allow manager localhost
    # http_access deny manager
    # http_access deny !Safe_ports
    # http_access deny CONNECT !SSL_ports
    # http_access deny to_localhost
    # acl our_networks src 192.168.0.0/24
    # http_access allow our_networks
    http_access allow all
    Yes, I know this thing is wide-open, but it's the only way to get it to work. My network is on a 192.168.0.x IP scheme, and the subnet whateverthehellyoucallit is 255.255.255.0. Logically, I would think this would work, since my entire network is on the "white list":

    Code:
    # http_access allow manager localhost
    # http_access deny manager
    # http_access deny !Safe_ports
    # http_access deny CONNECT !SSL_ports
    # http_access deny to_localhost
    acl our_networks src 192.168.0.0/24
    http_access allow our_networks
    http_access deny all
    But it doesn't work. All I get is a simple "Access Denied."

    What gives? This seems to defy logic!
    and I will start by saying I am not the squid expert, but aren't the acl's to define stuff and then the http_access is to allow or deny stuff defined?

    I am not currently using squid and just glanced at my old conf file. it looks like for every http_access there is an acl defining it. If that is true then your conf is just defining your network and not allowing or denying it, so then everything gets denied.

    check this link
    http://squid-docs.sourceforge.net/latest/html/x591.html

  3. #3
    Linux User Allblack's Avatar
    Join Date
    May 2003
    Location
    Godzone
    Posts
    416
    I only installed squid once and I don't have the config file here at the moment.
    acl are read from top to bottom and squid stops reading them when one is a conclusive match.

    Does it work if you specify just one source address,

    acl home_nw 192.168.0.65
    http_access allow home_nw
    http_access deny all

    Just want to see if taking it a step back makes it works. What do logs say?
    I am on a journey to mastering Linux and I got a bloody long way to go!!!

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •