Re: [squid-users] Forward & Reverse Proxy run togather

From: Kenny Lee <kenny.lee@dont-contact.us>
Date: Mon, 16 Apr 2007 15:51:01 +0800

Hi Micheal,

i have put in the DEBUG_OPTIONS into my squid.conf, and when i checked on my
access.log, i found this ... but dont know what it's mean, can you help to
explain?

Below are the records copied out from my access.log
1176708775.803 0 123.123.123.123 TCP_DENIED/403 1424 POST
http://www.example.com/test/testing/welcome.asp - NONE/- text/html
1176708775.804 3 192.168.1.10 TCP_MISS/403 1507 POST
http://www.example.com/test/testing/welcome.asp - DIRECT/123.123.123.123
text/html

note: 123.123.123.123 is my proxy server external IP, and 192.168.1.10 is my
PC's LAN IP.

anyway i also added some settings into my squid.conf, but it seem like not
working too ...

acl test urlpath_regex ^/test
cache_peer_access server_1 allow test #server_1 is my web server

Thank you

Regards,
Kenny

----- Original Message -----
From: "Michael Alger" <squid@mm.quex.org>
To: <squid-users@squid-cache.org>
Sent: Friday, April 13, 2007 08:40 PM
Subject: Re: [squid-users] Forward & Reverse Proxy run togather

> On Fri, Apr 13, 2007 at 06:10:27PM +0800, Kenny Lee wrote:
>>
>> thank for your help ... finally my Forward & Reverse Proxy is
>> working now ... hehehe ...
>>
>> but another problem came out ... sory to bother you again ...
>>
>> ok ... now i can browse to my website www.example.com , but when i
>> go more deeper like www.example.com/test/welcome.asp it came out
>> an Error, said that " The requested URL could not be retrieved,
>> Access Denied" ... but i able to browse the website from outside.
>>
>> Any setting i need to add on into squid.conf more?
>
> What ACLs did you set up to permit access to your website? You might
> want to try increasing the debugging level; you can get it to spit
> out information about every ACL it is processing, which will tell
> you exactly why it's denying access.
>
> Probably the best bet will be to use:
>
> debug_options ALL,1 33,2
>
> Then reload and watch your cache_log. You should see entries like:
>
> 2007/04/13 20:37:17| The request GET http://www.example.com/... is
> ALLOWED, because it matched 'port80'
>
> Find the ones where it's denying your access, and you should be able to
> see which access list is causing it to be rejected.
>
Received on Mon Apr 16 2007 - 01:49:52 MDT

This archive was generated by hypermail pre-2.1.9 : Tue May 01 2007 - 12:00:01 MDT