Boniforti Flavio wrote:
>> Missing the ACL defininitions, specifically that for
>> 'localnet'. Maybe you have not set your local network range
>> properly into it.
>
> Sorry, here the ACLs:
>
> acl manager proto cache_object
> acl localhost src 127.0.0.1/32
> acl to_localhost dst 127.0.0.0/8
>
> acl localnet src 172.16.16.0/24 # RFC1918 possible internal network
>
> acl SSL_ports port 443
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
>
> acl domini_bloccati dstdomain "/etc/squid3/domini_bloccati.acl"
>
> My network is 172.16.16.0/24...
In that case the config you posted is all correct. You have a global
allow for localnet before domini_bloccati is ever tested so it can't
even be a bad domain entry in there.
It must be something else doing the denial.
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE15 Current Beta Squid 3.1.0.8 or 3.0.STABLE16-RC1Received on Wed May 27 2009 - 12:44:44 MDT
This archive was generated by hypermail 2.2.0 : Wed May 27 2009 - 12:00:02 MDT