[squid-users] TCP 403 Denied on new squid build out

Eliezer Croitoru eliezer at ngtech.co.il
Thu Jan 12 01:03:35 UTC 2017 

Try the next:
Remove:
never_direct allow all

And add at the first line of the file
http_access allow all

And see if it let you surf.
If so then something is twisted in the config file order.

Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il


-----Original Message-----
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of roadrage27
Sent: Wednesday, January 11, 2017 6:33 PM
To: squid-users at lists.squid-cache.org
Subject: [squid-users] TCP 403 Denied on new squid build out

Built out Squid 3.5 on ubuntu 14.04  logs showing 403 denied when accessing
any resources, any help is appreciated

here is my conf file for reference.


acl localhost src 127.0.0.1/32

acl to_localhost dst 127.0.0.0/8

acl localnet src 0.0.0.0/8 10.145.68.0/24

acl myip src 10.145.68.148/32

acl to_localnet dst 10.145.68.0/24

acl search_engines dstdomain .yahoo.com .google.com

acl SSL_ports port 443

acl Safe_ports port 80          # http

acl Safe_ports port 21          # ftp

acl Safe_ports port 443         # https

acl Safe_ports port 70          # gopher

acl Safe_ports port 210         # wais

acl Safe_ports port 1025-65535  # unregistered ports

acl Safe_ports port 280         # http-mgmt

acl Safe_ports port 488         # gss-http

acl Safe_ports port 591         # filemaker

acl Safe_ports port 777         # multiling http

 

acl CONNECT method CONNECT

never_direct allow all

http_access allow search_engines

http_access allow manager localhost

http_access deny manager

http_access deny !Safe_ports

http_access allow localnet

http_access allow to_localnet

http_access allow myip

http_access allow all

http_access deny to_localhost

icp_access deny all

http_access deny all

 

http_port 3128

hierarchy_stoplist cgi-bin ?

access_log /var/log/squid3/access.log squid

 

 

#Suggested default:

refresh_pattern ^ftp:           1440    20%     10080

refresh_pattern ^gopher:        1440    0%      1440

refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

refresh_pattern .               0       20%     4320

# Leave coredumps in the first cache dir

coredump_dir /var/spool/squid3



--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/TCP-403-Denied-on-new-squid-build-out-tp4681127.html
Sent from the Squid - Users mailing list archive at Nabble.com.
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

More information about the squid-users mailing list