Normally, it's easy to construct ACLs using various ACL types and they will work as expected. However, as our configuration gets bigger, ACLs may get confusing and it'll be hard to point out the exact culprit ACL causing problems such as, access denied messages or allowing access to a denied object. To debug our ACLs in such a situation, we can take advantage of the debug_options directive so that we can see the step-by-step processing of ACLs by Squid. We'll learn to debug our example configuration.

Consider the following access control lines in our configuration file:

acl example dstdomain .example.com acl png urlpath_regex -i \.png$ http_access deny png example http_access allow localhost http_access ...