LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 07-15-2009, 10:21 AM   #1
adityavpratap
Member
 
Registered: Dec 2004
Location: Hyderabad, India
Distribution: Slackware 13, Ubuntu 12.04
Posts: 438

Rep: Reputation: 32
unable to correctly set up the acl list in squid


Hi,
I am trying to configure squid proxy server on my Slackware 12.2 install.
The IP address for my wireless card is say 192.168.1.4
For this I have introduced the following line in squid.conf -

acl localnet src 192.168.1.0-192.168.1.200

then, in order to allow this card to access the net, I have introduced the following line -

http_access allow localnet

However when I restart squid and run Firefox, I am unable to browse. But when I change the line above, to -

http_access allow all

I am able to browse. I am unable to understand why this is happening. Any suggestions?

Thanking in advance,
 
Old 07-16-2009, 03:40 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981
try "acl localnet src 192.168.1.0-192.168.1.200/32" and you really should check your log files before posting, or say that you have checked them... you'd be seeing the deny messages in the logs for more info or outright failures in config parsing and the likes.
 
Old 07-16-2009, 06:11 AM   #3
adityavpratap
Member
 
Registered: Dec 2004
Location: Hyderabad, India
Distribution: Slackware 13, Ubuntu 12.04
Posts: 438

Original Poster
Rep: Reputation: 32
Sorry! My bad! I checked the access.log in /var/log/squid/


1246774220.441 0 127.0.0.1 TCP_DENIED/403 2633 GET http://in.rediff.com/ -
NONE/- text/html

This is a sample line from the log. From this I concluded that the localhost was being denied access to the web. So I replaced
http_access allow localnet
with
http_access allow localhost
localhost being 127.0.0.1
Now I am able to connect to net. But is it the right way to do ?
 
Old 07-16-2009, 06:18 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981
well you'd never really use a squid on your own machine would you? by default all those should be there, don't remove the initial lines, just append unless you really know you want to change SSL_SAFEPORTS or other such ACLs
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
squid acl Winanjaya Linux - Server 1 04-23-2009 12:03 PM
Squid acl help cgelectek Linux - Networking 3 11-11-2005 12:04 AM
set time acl and custom message squid cgelectek Linux - Software 1 06-25-2005 12:17 PM
do i need to ACL in squid.conf... razan Linux - Security 2 04-20-2005 07:42 AM
Squid ACL zeroability Linux - Networking 2 01-13-2003 10:30 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 04:44 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration