Squid TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html












1















I've just installed Squid 3.5.27 on Ubuntu Server 18.04



user@ubuntu:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04 LTS
Release: 18.04
Codename: bionic
user@ubuntu:~$


user@ubuntu:~$ dpkg -l | grep squid
ii squid 3.5.27-1ubuntu1 amd64 Full featured Web Proxy cache (HTTP proxy)
ii squid-common 3.5.27-1ubuntu1 all Full featured Web Proxy cache (HTTP proxy) - common files
ii squid-langpack 20170901-1 all Localized error pages for Squid
user@ubuntu:~$


user@ubuntu:~$ squid -v
Squid Cache: Version 3.5.27
Service Name: squid
Ubuntu linux
configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' 'BUILDCXXFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wno-error=deprecated -Wno-error=format-truncation -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--libexecdir=/usr/lib/squid' '--mandir=/usr/share/man' '--enable-inline' '--disable-arch-native' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth-basic=DB,fake,getpwnam,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB' '--enable-auth-digest=file,LDAP' '--enable-auth-negotiate=kerberos,wrapper' '--enable-auth-ntlm=fake,smb_lm' '--enable-external-acl-helpers=file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,time_quota,unix_group,wbinfo_group' '--enable-url-rewrite-helpers=fake' '--enable-eui' '--enable-esi' '--enable-icmp' '--enable-zph-qos' '--enable-ecap' '--disable-translation' '--with-swapdir=/var/spool/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-build-info=Ubuntu linux' '--enable-linux-netfilter' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wno-error=deprecated -Wno-error=format-truncation'
user@ubuntu:~$


Unfortunately, it doesn't work. This is the /var/log/squid/access.log



user@ubuntu:~$ sudo tail -F /var/log/squid/access.log
1530545854.655 1 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html
1530545857.667 1 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html
1530545860.673 0 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html


This is /etc/squid/squid.conf config



user@ubuntu:~$ egrep -nv '^#|^$' /etc/squid/squid.conf  
980:acl localnet src 192.168.0.0/24
982:acl SSL_ports port 443
983:acl Safe_ports port 80 # http
984:acl Safe_ports port 21 # ftp
985:acl Safe_ports port 443 # https
986:acl Safe_ports port 70 # gopher
987:acl Safe_ports port 210 # wais
988:acl Safe_ports port 1025-65535 # unregistered ports
989:acl Safe_ports port 280 # http-mgmt
990:acl Safe_ports port 488 # gss-http
991:acl Safe_ports port 591 # filemaker
992:acl Safe_ports port 777 # multiling http
993:acl CONNECT method CONNECT
1170:http_access deny !Safe_ports
1173:http_access deny CONNECT !SSL_ports
1176:http_access allow localhost manager
1177:http_access deny manager
1192:http_access allow localhost
1195:http_access deny all
1613:http_port 3128
4256:coredump_dir /var/spool/squid
4887:refresh_pattern ^ftp: 1440 20% 10080
4888:refresh_pattern ^gopher: 1440 0% 1440
4889:refresh_pattern -i (/cgi-bin/|?) 0 0% 0
4890:refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
4893:refresh_pattern . 0 20% 4320
user@ubuntu:~$


What caused the issue? Was it ACL?



How to fix it?










share|improve this question





























    1















    I've just installed Squid 3.5.27 on Ubuntu Server 18.04



    user@ubuntu:~$ lsb_release -a
    No LSB modules are available.
    Distributor ID: Ubuntu
    Description: Ubuntu 18.04 LTS
    Release: 18.04
    Codename: bionic
    user@ubuntu:~$


    user@ubuntu:~$ dpkg -l | grep squid
    ii squid 3.5.27-1ubuntu1 amd64 Full featured Web Proxy cache (HTTP proxy)
    ii squid-common 3.5.27-1ubuntu1 all Full featured Web Proxy cache (HTTP proxy) - common files
    ii squid-langpack 20170901-1 all Localized error pages for Squid
    user@ubuntu:~$


    user@ubuntu:~$ squid -v
    Squid Cache: Version 3.5.27
    Service Name: squid
    Ubuntu linux
    configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' 'BUILDCXXFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wno-error=deprecated -Wno-error=format-truncation -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--libexecdir=/usr/lib/squid' '--mandir=/usr/share/man' '--enable-inline' '--disable-arch-native' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth-basic=DB,fake,getpwnam,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB' '--enable-auth-digest=file,LDAP' '--enable-auth-negotiate=kerberos,wrapper' '--enable-auth-ntlm=fake,smb_lm' '--enable-external-acl-helpers=file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,time_quota,unix_group,wbinfo_group' '--enable-url-rewrite-helpers=fake' '--enable-eui' '--enable-esi' '--enable-icmp' '--enable-zph-qos' '--enable-ecap' '--disable-translation' '--with-swapdir=/var/spool/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-build-info=Ubuntu linux' '--enable-linux-netfilter' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wno-error=deprecated -Wno-error=format-truncation'
    user@ubuntu:~$


    Unfortunately, it doesn't work. This is the /var/log/squid/access.log



    user@ubuntu:~$ sudo tail -F /var/log/squid/access.log
    1530545854.655 1 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html
    1530545857.667 1 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html
    1530545860.673 0 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html


    This is /etc/squid/squid.conf config



    user@ubuntu:~$ egrep -nv '^#|^$' /etc/squid/squid.conf  
    980:acl localnet src 192.168.0.0/24
    982:acl SSL_ports port 443
    983:acl Safe_ports port 80 # http
    984:acl Safe_ports port 21 # ftp
    985:acl Safe_ports port 443 # https
    986:acl Safe_ports port 70 # gopher
    987:acl Safe_ports port 210 # wais
    988:acl Safe_ports port 1025-65535 # unregistered ports
    989:acl Safe_ports port 280 # http-mgmt
    990:acl Safe_ports port 488 # gss-http
    991:acl Safe_ports port 591 # filemaker
    992:acl Safe_ports port 777 # multiling http
    993:acl CONNECT method CONNECT
    1170:http_access deny !Safe_ports
    1173:http_access deny CONNECT !SSL_ports
    1176:http_access allow localhost manager
    1177:http_access deny manager
    1192:http_access allow localhost
    1195:http_access deny all
    1613:http_port 3128
    4256:coredump_dir /var/spool/squid
    4887:refresh_pattern ^ftp: 1440 20% 10080
    4888:refresh_pattern ^gopher: 1440 0% 1440
    4889:refresh_pattern -i (/cgi-bin/|?) 0 0% 0
    4890:refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
    4893:refresh_pattern . 0 20% 4320
    user@ubuntu:~$


    What caused the issue? Was it ACL?



    How to fix it?










    share|improve this question



























      1












      1








      1








      I've just installed Squid 3.5.27 on Ubuntu Server 18.04



      user@ubuntu:~$ lsb_release -a
      No LSB modules are available.
      Distributor ID: Ubuntu
      Description: Ubuntu 18.04 LTS
      Release: 18.04
      Codename: bionic
      user@ubuntu:~$


      user@ubuntu:~$ dpkg -l | grep squid
      ii squid 3.5.27-1ubuntu1 amd64 Full featured Web Proxy cache (HTTP proxy)
      ii squid-common 3.5.27-1ubuntu1 all Full featured Web Proxy cache (HTTP proxy) - common files
      ii squid-langpack 20170901-1 all Localized error pages for Squid
      user@ubuntu:~$


      user@ubuntu:~$ squid -v
      Squid Cache: Version 3.5.27
      Service Name: squid
      Ubuntu linux
      configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' 'BUILDCXXFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wno-error=deprecated -Wno-error=format-truncation -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--libexecdir=/usr/lib/squid' '--mandir=/usr/share/man' '--enable-inline' '--disable-arch-native' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth-basic=DB,fake,getpwnam,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB' '--enable-auth-digest=file,LDAP' '--enable-auth-negotiate=kerberos,wrapper' '--enable-auth-ntlm=fake,smb_lm' '--enable-external-acl-helpers=file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,time_quota,unix_group,wbinfo_group' '--enable-url-rewrite-helpers=fake' '--enable-eui' '--enable-esi' '--enable-icmp' '--enable-zph-qos' '--enable-ecap' '--disable-translation' '--with-swapdir=/var/spool/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-build-info=Ubuntu linux' '--enable-linux-netfilter' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wno-error=deprecated -Wno-error=format-truncation'
      user@ubuntu:~$


      Unfortunately, it doesn't work. This is the /var/log/squid/access.log



      user@ubuntu:~$ sudo tail -F /var/log/squid/access.log
      1530545854.655 1 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html
      1530545857.667 1 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html
      1530545860.673 0 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html


      This is /etc/squid/squid.conf config



      user@ubuntu:~$ egrep -nv '^#|^$' /etc/squid/squid.conf  
      980:acl localnet src 192.168.0.0/24
      982:acl SSL_ports port 443
      983:acl Safe_ports port 80 # http
      984:acl Safe_ports port 21 # ftp
      985:acl Safe_ports port 443 # https
      986:acl Safe_ports port 70 # gopher
      987:acl Safe_ports port 210 # wais
      988:acl Safe_ports port 1025-65535 # unregistered ports
      989:acl Safe_ports port 280 # http-mgmt
      990:acl Safe_ports port 488 # gss-http
      991:acl Safe_ports port 591 # filemaker
      992:acl Safe_ports port 777 # multiling http
      993:acl CONNECT method CONNECT
      1170:http_access deny !Safe_ports
      1173:http_access deny CONNECT !SSL_ports
      1176:http_access allow localhost manager
      1177:http_access deny manager
      1192:http_access allow localhost
      1195:http_access deny all
      1613:http_port 3128
      4256:coredump_dir /var/spool/squid
      4887:refresh_pattern ^ftp: 1440 20% 10080
      4888:refresh_pattern ^gopher: 1440 0% 1440
      4889:refresh_pattern -i (/cgi-bin/|?) 0 0% 0
      4890:refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
      4893:refresh_pattern . 0 20% 4320
      user@ubuntu:~$


      What caused the issue? Was it ACL?



      How to fix it?










      share|improve this question
















      I've just installed Squid 3.5.27 on Ubuntu Server 18.04



      user@ubuntu:~$ lsb_release -a
      No LSB modules are available.
      Distributor ID: Ubuntu
      Description: Ubuntu 18.04 LTS
      Release: 18.04
      Codename: bionic
      user@ubuntu:~$


      user@ubuntu:~$ dpkg -l | grep squid
      ii squid 3.5.27-1ubuntu1 amd64 Full featured Web Proxy cache (HTTP proxy)
      ii squid-common 3.5.27-1ubuntu1 all Full featured Web Proxy cache (HTTP proxy) - common files
      ii squid-langpack 20170901-1 all Localized error pages for Squid
      user@ubuntu:~$


      user@ubuntu:~$ squid -v
      Squid Cache: Version 3.5.27
      Service Name: squid
      Ubuntu linux
      configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' 'BUILDCXXFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wno-error=deprecated -Wno-error=format-truncation -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--libexecdir=/usr/lib/squid' '--mandir=/usr/share/man' '--enable-inline' '--disable-arch-native' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth-basic=DB,fake,getpwnam,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB' '--enable-auth-digest=file,LDAP' '--enable-auth-negotiate=kerberos,wrapper' '--enable-auth-ntlm=fake,smb_lm' '--enable-external-acl-helpers=file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,time_quota,unix_group,wbinfo_group' '--enable-url-rewrite-helpers=fake' '--enable-eui' '--enable-esi' '--enable-icmp' '--enable-zph-qos' '--enable-ecap' '--disable-translation' '--with-swapdir=/var/spool/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-build-info=Ubuntu linux' '--enable-linux-netfilter' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/squid3-28YJxG/squid3-3.5.27=. -fstack-protector-strong -Wformat -Werror=format-security -Wno-error=deprecated -Wno-error=format-truncation'
      user@ubuntu:~$


      Unfortunately, it doesn't work. This is the /var/log/squid/access.log



      user@ubuntu:~$ sudo tail -F /var/log/squid/access.log
      1530545854.655 1 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html
      1530545857.667 1 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html
      1530545860.673 0 192.168.0.254 TCP_DENIED/403 4037 GET http://detectportal.firefox.com/success.txt - HIER_NONE/- text/html


      This is /etc/squid/squid.conf config



      user@ubuntu:~$ egrep -nv '^#|^$' /etc/squid/squid.conf  
      980:acl localnet src 192.168.0.0/24
      982:acl SSL_ports port 443
      983:acl Safe_ports port 80 # http
      984:acl Safe_ports port 21 # ftp
      985:acl Safe_ports port 443 # https
      986:acl Safe_ports port 70 # gopher
      987:acl Safe_ports port 210 # wais
      988:acl Safe_ports port 1025-65535 # unregistered ports
      989:acl Safe_ports port 280 # http-mgmt
      990:acl Safe_ports port 488 # gss-http
      991:acl Safe_ports port 591 # filemaker
      992:acl Safe_ports port 777 # multiling http
      993:acl CONNECT method CONNECT
      1170:http_access deny !Safe_ports
      1173:http_access deny CONNECT !SSL_ports
      1176:http_access allow localhost manager
      1177:http_access deny manager
      1192:http_access allow localhost
      1195:http_access deny all
      1613:http_port 3128
      4256:coredump_dir /var/spool/squid
      4887:refresh_pattern ^ftp: 1440 20% 10080
      4888:refresh_pattern ^gopher: 1440 0% 1440
      4889:refresh_pattern -i (/cgi-bin/|?) 0 0% 0
      4890:refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
      4893:refresh_pattern . 0 20% 4320
      user@ubuntu:~$


      What caused the issue? Was it ACL?



      How to fix it?







      squid






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Jul 2 '18 at 16:20







      Sabrina

















      asked Jul 2 '18 at 16:10









      SabrinaSabrina

      1164




      1164






















          1 Answer
          1






          active

          oldest

          votes


















          2














          line 1195 - http_access deny all



          That's a catch-all rule that is going to block traffic that hasn't been specifically allowed in the config. Which, if this is your whole config, is nothing. Looks like you've got a stock config that will require some allow rules. Alternatively, modify the http_access deny all and change the deny to allow



          If you intend to have authentication setup, you can do something like this:



          ### enforce authentication
          http_access deny !auth # deny anyone that isn't authenticated
          http_access allow auth # allow authenticated users
          http_access deny all # final catch-all that should never actually be met.


          If you haven't setup authentication yet, then you just need this:



          http_access allow all





          share|improve this answer























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "89"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1051554%2fsquid-tcp-denied-403-4037-get-http-detectportal-firefox-com-success-txt-hier%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            2














            line 1195 - http_access deny all



            That's a catch-all rule that is going to block traffic that hasn't been specifically allowed in the config. Which, if this is your whole config, is nothing. Looks like you've got a stock config that will require some allow rules. Alternatively, modify the http_access deny all and change the deny to allow



            If you intend to have authentication setup, you can do something like this:



            ### enforce authentication
            http_access deny !auth # deny anyone that isn't authenticated
            http_access allow auth # allow authenticated users
            http_access deny all # final catch-all that should never actually be met.


            If you haven't setup authentication yet, then you just need this:



            http_access allow all





            share|improve this answer




























              2














              line 1195 - http_access deny all



              That's a catch-all rule that is going to block traffic that hasn't been specifically allowed in the config. Which, if this is your whole config, is nothing. Looks like you've got a stock config that will require some allow rules. Alternatively, modify the http_access deny all and change the deny to allow



              If you intend to have authentication setup, you can do something like this:



              ### enforce authentication
              http_access deny !auth # deny anyone that isn't authenticated
              http_access allow auth # allow authenticated users
              http_access deny all # final catch-all that should never actually be met.


              If you haven't setup authentication yet, then you just need this:



              http_access allow all





              share|improve this answer


























                2












                2








                2







                line 1195 - http_access deny all



                That's a catch-all rule that is going to block traffic that hasn't been specifically allowed in the config. Which, if this is your whole config, is nothing. Looks like you've got a stock config that will require some allow rules. Alternatively, modify the http_access deny all and change the deny to allow



                If you intend to have authentication setup, you can do something like this:



                ### enforce authentication
                http_access deny !auth # deny anyone that isn't authenticated
                http_access allow auth # allow authenticated users
                http_access deny all # final catch-all that should never actually be met.


                If you haven't setup authentication yet, then you just need this:



                http_access allow all





                share|improve this answer













                line 1195 - http_access deny all



                That's a catch-all rule that is going to block traffic that hasn't been specifically allowed in the config. Which, if this is your whole config, is nothing. Looks like you've got a stock config that will require some allow rules. Alternatively, modify the http_access deny all and change the deny to allow



                If you intend to have authentication setup, you can do something like this:



                ### enforce authentication
                http_access deny !auth # deny anyone that isn't authenticated
                http_access allow auth # allow authenticated users
                http_access deny all # final catch-all that should never actually be met.


                If you haven't setup authentication yet, then you just need this:



                http_access allow all






                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Jan 16 at 20:52









                JoeyJoey

                212




                212






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Ask Ubuntu!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1051554%2fsquid-tcp-denied-403-4037-get-http-detectportal-firefox-com-success-txt-hier%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    How to make a Squid Proxy server?

                    Is this a new Fibonacci Identity?

                    19世紀