Time for action – debugging access control
Normally, it's easy to construct ACLs using various ACL types and they will work as expected. However, as our configuration gets bigger, ACLs may get confusing and it'll be hard to point out the exact culprit ACL causing problems such as, access denied messages or allowing access to a denied object. To debug our ACLs in such a situation, we can take advantage of the debug_options directive so that we can see the step-by-step processing of ACLs by Squid. We'll learn to debug our example configuration.
Consider the following access control lines in our configuration file:
acl example dstdomain .example.com acl png urlpath_regex -i \.png$ http_access deny png example http_access allow localhost http_access allow localnet http_access deny all
If we consult the table of section numbers for the Squid components, the section number for access control is 28. So, we will add the following line to our configuration file:
debug_options ALL,1 28,3
The previous...
