I have this box I'm trying to setup squid on. I've got it working up to 99% so far because I have an error somewhere that I can't find.
Consider the following ACL part:
acl inbound_myip_1 myip 192.xxx.175.2
tcp_outgoing_address 192.xxx.175.2 inbound_myip_1
acl user_1 proxy_auth johnny
acl user_2 proxy_auth eugene
http_access allow user_1 inbound_myip_1
http_access allow user_2 inbound_myip_1
http_access deny user_1 !inbound_myip_1
http_access deny user_2 !inbound_myip_1
http_access deny all
I have 2 users (johnnyand eugene) who should have access to 192.xxx.175.2. Authentication is done via a python script helper which is tested and works. If I put the proxy in my browser, it first asks for the user/password, I enter my credentials and then replies with an error from squid: Access Denied. If I refresh again the password prompt is not shown any more which means the auth is still in place. I also checked that helper in the console and it replies ok to credentials.
I enabled the debugging to see in my cache log what's happening and here's the relevant part:
2013/12/09 14:10:19.285| authenticateAuthUserAddIp: user 'john' has been seen at a new IP address (109.xxx.147.127:51161)
2013/12/09 14:10:19.285| The request GET http://yahoo.com/ is DENIED, because it matched 'inbound_myip_1'
2013/12/09 14:10:19.286| storeGetMemSpace: Starting, need 1 pages
2013/12/09 14:10:19.286| ZPH: Preserving TOS on miss, TOS=0
2013/12/09 14:10:19.286| The reply for GET http://yahoo.com/ is ALLOWED, because it matched 'inbound_myip_1'
2013/12/09 14:10:19.503| The request GET http://www.squid-cache.org/Artwork/SN.png is DENIED, because it matched 'inbound_myip_1'
2013/12/09 14:10:19.503| ZPH: Preserving TOS on miss, TOS=0
2013/12/09 14:10:19.503| The reply for GET http://www.squid-cache.org/Artwork/SN.png is ALLOWED, because it matched 'inbound_myip_1'
2013/12/09 14:10:25.285| ConnStateData::swanSong: FD 10
2013/12/09 14:12:20.875| ConnStateData::swanSong: FD 8
Any ideas why do my requests get denied?
0 Answers