François Boisson a écrit :
Le Sat, 17 Feb 2007 12:50:14 +0100 david_Pailler <david.pailler@ac-creteil.fr> a écrit:http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow localnet http_access deny all http_reply_access allow all icp_access allow all voila et j'ai rajouté acl localnet src 192.168.0.0/255.255.255.0 et http_access allow localnet avant deny allessayes en mettant acl mesmachines src 192.168.0.1-192.168.0.254 (en dessous de la ligne acl localhost src 127.0.0.1/255.255.255.255) et rajoute http_access allow mesmachines vers le début. Pour être sur que c'est ça, essaye en mettant tout d'abord http_access allow all au tout début des règles http_access...
Pas de changement. bon voila le fichier squid.conf dans son intégralité (désolé ...!) [options...] hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY # OPTIONS WHICH AFFECT THE CACHE SIZE # ----------------------------------------------------------------------------- # auth_param digest program /usr/lib/squid/digest_auth_pw /usr/etc/digpass # # # # By default, the ntlm authentication scheme is not used unless a # program is specified. # # Note: If you're using Samba >= 3.0.2, please install the winbind # package and use the ntlm_auth helper from that package. # # auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp # # "children" numberofchildren # The number of authenticator processes to spawn (no default). If you # start too few Squid will have to wait for them to process a backlog # of credential verifications, slowing it down. When crendential # verifications are done via a (slow) network you are likely to need # #Suggested default: refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 #Recommended minimum configuration: acl localnet src 192.168.0.0/255.255.255.0 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl mesmachines src 192.168.0.1-192.168.0.254 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 # https, snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl purge method PURGE acl CONNECT method CONNECT redirect_program /usr/bin/squidGuard redirect_children 10 # Only allow cachemgr access from localhost http_access allow all http_access allow mesmachines http_access allow manager localhost http_access deny manager # Only allow purge requests from localhost http_access allow purge localhost http_access deny purge # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports # #http_access allow our_networks http_access allow localhost # And finally deny all other access to this proxy http_access deny all # #Allow ICP queries from everyone icp_access allow all