Есть: adsl модем, подключенный к серверу по локальной сети Сервер (debian) подключенный через VPN к интернету. Локальная сеть squid 2.5 stable9 Нужно: чтобы пользователи из локальной сети ходили в нет через прокси с авторизацией. Проблема -- squid не пускает никого, даже если указано
acl all src 0.0.0.0/0.0.0.0 http_access allow all При попытке войти и в вышеуказанном случае, и в случае если пользователи прописаны пишет что: ERROR The requested URL could not be retrieved While trying to retrieve the URL: http://debian.org/ The following error was encountered: Access Denied. Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect. Your cache administrator is webmaster. Что я не так делаю? Конфиг сквида: http_port 3128 icp_port 0 htcp_port 0 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 8 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 4096 KB minimum_object_size 4 KB maximum_object_size_in_memory 8 KB ipcache_size 2048 ipcache_low 90 ipcache_high 95 сache_dir ufs /var/spool/squid 1024 16 256 cache_access_log /var/log/squid/access.log сache_log /var/log/squid/cache.log cache_store_log /var/log/squid/store.log emulate_httpd_log on log_ip_on_direct on # TAG: client_netmask #A netmask for client addresses in logfiles and cachemgr output. #Change this to protect the privacy of your cache clients. #A netmask of 255.255.255.0 will log all IP's in that range with #the last digit set to '0'. # #Default: # client_netmask 255.255.255.255 ftp_list_width 32 ftp_passive on dns_nameservers 81.25.32.34 81.25.32.9 connect_timeout 2 minutes peer_connect_timeout 30 seconds read_timeout 15 minutes request_timeout 30 seconds client_lifetime 1 day half_closed_clients on ident_timeout 10 seconds auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd #auth_param basic chilren 5 auth_param basic realm server acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80# http acl Safe_ports port 21# ftp acl Safe_ports port 443 563# https, snews acl Safe_ports port 70# gopher acl Safe_ports port 210# wais acl Safe_ports port 1025-65535# unregistered ports acl Safe_ports port 280# http-mgmt acl Safe_ports port 488# gss-http acl Safe_ports port 591# filemaker acl Safe_ports port 777# multiling http acl Safe_ports port 901# SWAT acl purge method PURGE acl CONNECT method CONNECT acl user src 192.168.55.0/255.255.255.0 http_access deny manager all http_access allow user http_access deny all #http_access deny !slon # # Only allow cachemgr access from localhost ##http_access allow manager localhost slon ##http_access deny manager # Only allow purge requests from localhost ##http_access allow purge localhost slon ##http_access deny purge # Deny requests to unknown ports ##http_access deny !Safe_ports # Deny CONNECT to other than SSL ports ##http_access deny CONNECT !SSL_ports icp_access allow all cache_mgr webmaster cache_effective_user proxy cache_effective_group proxy visible_hostname server httpd_accel_port 80 # httpd_accel_with_proxy off dns_testnames adsl.by debian.org kernel.org # forwarded_for on # error_directory /usr/lib/squid/errors/English snmp_port 3401 snmp_access allow all # ie_refresh off http_port 3128 httpd_accel_with_proxy off httpd_accel_uses_host_header off visible_hostname server hierarchy_stoplist cgi-bin chat