PDA

View Full Version : Squid Proxy problem

xMoDx
10th June 2008, 06:11 AM
ERROR
The requested URL could not be retrieved

While trying to retrieve the URL: http://forums.fedoraforum.org/forum/

The following error was encountered:

* Access Denied.

Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.

Your cache administrator is root.


attached is my config file, can someone please help me what i forgot to uncomment and change in settings?
homey
10th June 2008, 12:36 PM
The first thing I do is run this command to make the squid.conf readable with a backup file so I can lookup other sections if needed.

# Trim down the squid.conf
sed -i.bak '/^$/d; /^#/d' /etc/squid/squid.conf


I also make the realm name shorter so it's less confusing

auth_param basic realm caching_server


I was able to get your error when my ip address didn't match the ip range in
our_networks. So, check to be sure you are actually on that network or change it in the squid.conf

acl our_networks src 192.168.1.0/24 192.168.2.0/24


Here's what does work on my system...

auth_param basic realm caching_server
auth_param basic children 5
auth_param basic credentialsttl 2 hour
auth_param basic casesensitive off

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl our_networks src 192.168.1.0/24 192.168.2.0/24

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow our_networks
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all

http_port 3128
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
coredump_dir /var/spool/squid