Help - Search - Members - Calendar
Full Version: Squid Access Denied Help
Linuxhelp > Support > Technical Support
eurekaguy4u
hi friends,

i newly installed squid 2.4 on Red Hat Linux Enterprise server. It is working fine for all my web site, till i tried to access a website which is on port no. 712 like "http://websitename:712/" , while doing this , got following error message : -

The following error was encountered:

* Access Denied.

Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.

Please help me how to resolve it.

euro guy
Robert83
Hello

look for a ACL Dangerous Ports or search trought the squid config file

/etc/squid/squid.conf

and look for a port 712

once found paste those lines to me, so that I can have a look at it.


Sincerely
Robert B
eurekaguy4u
HI

tried one config file from one of my friend, which i earlier tested too on my other server with some changes. but after using that too i am getting the same "Access Denied" message.

i m sure there is some problem with the current installation but not getting out what is that, somebody help plz

Euroguy
Robert83
Hi,

please read my post if I may ask...

Look for a ACL Dangerous Ports in squid.conf 721

something like this

acl Dangerous_ports port 7 9 19 22 23 25 53 109 110 119 721


Sincerely
Robert B
eurekaguy4u
hi robert,


i checked bout the dangerous port setting it is not there, one more thing, i m just telling you that one port 712 is giving this, but all bit torrent trackers are also giving me the same error message.

Earlier once i installed one of my server and used the same squid.conf file which worked well , but now it is not working.


Euro Guy
Robert83
Hi,

then try the following before the ACL Dangerous Ports


ACL Safe_ports port 721


then restart squid

/etc/init.d/squid restart

try again

Sincerely
Robert B
Robert83
Then

maybe you should add the following line ther

acl Dangerous_ports port 7 9 19 22 23 25 53 109 110 119

I don't know what the default for dangerous ports are , but probably that port is listed there by default.

you can add the above to change the default

or add this

ACL Safe_ports port 721


but I would reccomend the acl Dangerous_ports to be added.

Sincerely
Robert B
Robert83
Hi

or even better
add this line after the acl where you define your clients

acl Dangerous_ports port 7 9 19 22 23 25 53 109 110 119 721

this one is better , cause you change the default Dangerous ports to these.

Sincerely
Robert B
eurekaguy4u
i m pasting the acl part of my squid conf.

acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http


when i tried to download a file from bittorrent site , it is giving me the 403 forbidden error in the bit torrent client
Robert83
Hi,

just add a

acl Safe_ports port 712
there and it should work

Sincerely
Robert b
eurekaguy4u
I tried that too , but still problem persists
eurekaguy4u
hi ,

nothing solved my problem yet,

i checked the access.log of squid it is giving me following error message :-

1127719673.640 1 191.254.13.59 TCP_DENIED/403 1033 GET http://freeeforums.blogdns.com:712/favicon.ico - NONE/- -

Why this is coming , plz help me

EuroGUY
Robert83
Hi,

I to get the same error when trying to connect to that site.

Lets check a few things :

1. is squid working ok when accessing sites like

www.google.com
www.nvidia.com
www.microsoft.com
www.ati.com
www.linuxhelp.ca
www.emuunlim.com
www.pcsx2.net

if squid opens up these pages okay, and you are able to browse trough them, then I think the above site is the problem , and not your squid install.

Since I recieve a CONNECTION REFUSED from the server. (aka I'm not allowed to connect to it)

Sincerely
Robert B
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2017 Invision Power Services, Inc.