Re: [squid-users] access denied

From: Eliezer Croitoru <eliezer_at_ngtech.co.il>
Date: Fri, 04 Jul 2014 05:32:20 +0300

Hey There,

We will need more information in the form of:
Client address
Squid Address
Routing scheme\description
iptables rules
access.log output
Is the squid box the gateway of the network?

In almost all cases the denied is rightful.

Eliezer

On 07/03/2014 06:42 PM, WiNET . wrote:
> I keep getting:
>
> Access Denied.
>
> Access control configuration prevents your request from being allowed
> at this time. Please contact your service provider if you feel this is
> incorrect.
>
> Your cache administrator is webmaster.
>
>
> I'm not sure what is wrong. I used to run squid2.7 a long while ago,
> this is my first time trying to setup squid3 (squid v3.3.8 if I'm not
> mistaken)
>
> my squid.conf:
>
> http_port 3129 transparent
> acl our_networks src 192.168.0.0/16
> acl SSL_ports port 443
> acl Safe_ports port 80
> acl Safe_ports port 21
> acl Safe_ports port 443
> acl Safe_ports port 70
> acl Safe_ports port 210
> acl Safe_ports port 1025-65535
> acl Safe_ports port 280
> acl Safe_ports port 488
> acl Safe_ports port 591
> acl Safe_ports port 777
> acl Safe_ports port 3129
> acl CONNECT method CONNECT
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost manager
> http_access deny manager
> http_access allow our_networks
> http_access deny all
> qos_flows tos local-hit=0x30
> qos_flows mark local-hit=0x30
> cache_mem 1024 MB
> maximum_object_size_in_memory 2048 KB
> memory_replacement_policy heap LFUDA
> cache_replacement_policy heap LRU
> cache_dir ufs /mnt/cache/cache1 8000 16 256
> cache_dir ufs /mnt/cache/cache2 8000 16 256
> cache_dir ufs /mnt/cache/cache3 8000 16 256
> cache_dir ufs /mnt/cache/cache4 8000 16 256
> maximum_object_size 1024 MB
> logfile_rotate 9
> coredump_dir /var/spool/squid3
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
> refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
> refresh_pattern . 0 20% 4320
> dns_nameservers 8.8.8.8 8.8.4.4
Received on Fri Jul 04 2014 - 02:34:42 MDT

This archive was generated by hypermail 2.2.0 : Fri Jul 04 2014 - 12:00:05 MDT