I'm trying to get the acl's on my new squid server configured correctly and
they are driving me crazy. Would someone be so kind as to point out what I
am doing wrong?
Here is my squid.conf:
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 300 MB
cache_dir ufs /usr/local/squid/cache/1 5000 6 256
cache_dir ufs /usr/local/squid/cache/2 5000 6 256
cache_dir ufs /usr/local/squid/cache/3 5000 6 256
cache_dir ufs /usr/local/squid/cache/4 5000 6 256
debug_options ALL,2
authenticate_program /usr/local/squid/libexec/squid/pam_auth
authenticate_children 5
authenticate_ttl 1 hour
authenticate_ip_ttl 1 hour
acl all src 0.0.0.0/0.0.0.0
# set up the acl name for the local network
acl localnetwork proxy_auth 10.1.7.0/24
# set up the acl name for user authentication
acl localusers proxy_auth REQUIRED
# set up all the denies for those not in the local network
http_access deny !localnetwork
# set up the user authentication
http_access allow localusers
# set up the allows for the local network
http_access allow localnetwork
# deny anything that passes beyond this point
http_access deny all
icp_access allow all
cache_effective_user squid
cache_effective_group squid
And here is the error I get when I try to surf from my local client pc (on
the same network).
2002/01/25 16:55:23| The request GET http://slashdot.org/ is DENIED,
because it matched 'localnetwork'
Thanks,
chris
Received on Fri Jan 25 2002 - 14:59:42 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:57 MST