Hi,
I'm having a problem setting up acl lists. At the college I work for we
have a satellite campus, which isn't in our domain and doesn't share ip
addresses, we'd like to give access to. Here are the relevant entries I have
now in squid.conf:
authenticate_program /usr/bin/ncsa_auth # To enable username/password
checking
authenticate_options /etc/squid.passwd
acl manager proto cache_object # Squid default
acl localhost src 127.0.0.1/255.255.255.255 # Squid default
acl all src 0.0.0.0/0.0.0.0 # Squid default
acl allowed_hosts srcdomain wwc wwc.edu # To allow our local machines
access
acl SSL_ports port 443 563 # Squid default
acl Dangerous_ports port 7 9 19 # Squid default
acl ProxyAuth proxy_auth # To allow our satellite campus
access
http_access deny manager !localhost # Squid default
http_access deny CONNECT !SSL_ports # Squid default
http_access deny Dangerous_ports # Squid default
http_access allow allowed_hosts # To allow our local machines access
http_access allow ProxyAuth # To allow our satellite campus access
http_access deny all # Squid default
icp_access allow allowed_hosts # To allow our local machines access
icp_access allow ProxyAuth # To allow our satellite campus access
icp_access deny all # Squid default
The problem is that it asks everybody for a username/password, even if they
match the "allowed_hosts" line. Is there any way of telling squid to only
ask for a username/password if they aren't on our local network?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Greg Cornell, Programmer/Analyst
Information Services, Walla Walla College
204 S. College Ave., College Place, WA 99324-1198
mailto:corngr@wwc.edu, http://www.wwc.edu/
voice: (509) 527-2994, fax: (509) 527-2008
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Received on Wed Apr 21 1999 - 17:47:33 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:45:54 MST