I'm running into some difficulty with "access denied" in squid3 when I
switch it to act as an intercepting proxy. It works as normal when I use
it as a regular proxy but when turning on intercepting (formerly
transparent proxying) the web browser shows this error:
...Access Denied.
Access control vconfiguration prevents your request from
being allowed at this time. Please contact your service
provider if you feel this is incorrect
...
and the access log shows this kind of message in intercept mode but not
as a normal proxy:
1371640231.979 3 192.168.2.33 TCP_DENIED/403 4014 GET
http://blogs.hbr.org/cs/2013/06/you_have_no_control_over_s.html
- HIER_NONE/- text/html
1371640232.045 3 192.168.2.33 TCP_DENIED/403 3922 GET
http://www.squid-cache.org/Artwork/SN.png -
HIER_NONE/- text/html
So I can see that PF is properly forwarding the connection and that the
browser is actually reaching squid3.
However even completely removing any access limitations in squid.conf
does not let the browser through. The following should be open but still
produces the TCP_DENIED message:
http_access allow all
...
http_port 127.0.0.1:3128 intercept
This occurs with in 5.3-stable on i386 with both squid/3.2.11 from ports
and with squid/3.2.7p0 from the CD, so what should I look at changing?
Regards,
/Lars
