RE: [squid-users] Squid, Dansguardian and follow_x_forwarded_for

Hello Henrik,

Thanks for the quick response! In my acl list I added:

acl our_networks src 192.168.50.0/24

and for the follow_x_forwarded_for I added:

follow_x_forwarded_for allow our_networks

and then further down I added:

http_access allow our_networks

But I am still seeing the 'Denied Access' page in my browser. Maybe I
misunderstood you, but do those look ok?

Thanks

-Dean
-----Original Message-----
From: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Sent: Wednesday, November 15, 2006 10:38 PM
To: Dean Searle
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Squid, Dansguardian and
follow_x_forwarded_for

ons 2006-11-15 klockan 21:33 -0500 skrev Dean Searle:

> first cache after the user. When I use 'follow_x_forwarded_for allow
> localhost' or 'follow_x_forwarded_for allow all' and then try to
access
> google.com it comes up with an Access Denied page from Squid, but my
web
> log from sarg does show the proper IP coming through, but only denied.

Check your http_access rules. When using follow_x_forwarded_for the src
acl will match the original source IP.

To restrict direct Squid access tell Squid to only listen on localhost
(127.0.0.1:3128).

Regards
Henrik

________________________________

avast! Antivirus <http://www.avast.com> : Outbound message clean.

Virus Database (VPS): 0649-0, 11/15/2006
Tested on: 11/15/2006 11:48:32 PM
avast! - copyright (c) 1988-2006 ALWIL Software.
Received on Wed Nov 15 2006 - 21:48:37 MST