Brian,
I tried that Thanks! However, now squid authentication is not again
working. It seems that when I change one ACL the other one is affected.
Joel
Brian Johnson wrote:
> Joel Taqueban wrote:
>
> > Dear Ilker & squid users,
> >
> > I've got my squid ldap authentication working. Thanks a lot!
> >
> > But there's one thing I noticed: when I added the authentication I was
> > surprised that the disallowed times for my users to access the
> > Internet is no longer working - I mean they can now readily access
> > the whole web even after the allowed times. Here's my ACLs and
> > http_access definitions:
> >
> > I've tried making changes to the ACLs. Here is my complete list:
> >
> > authenticate_program /usr/local/squid/bin/squid_ldap_auth
> > myldapserver
> >
> > acl all src 0.0.0.0/0
> > acl ldap proxy_auth REQUIRED
> > acl allowedsites dstdomain dhl.com
> > acl allowedtimes time S M T W H F A 06:00-21:00
> >
> > http_access allow ldap
> > http_access allow allowedsites
> > http_access allow allowedtimes
> > http_access deny all
>
> this should look something like:
> http_access allow allowedsites
> http_access deny notallowedtimes
> http_access allow ldap
> http_access deny all
>
> ...as soon as squid matches an allow statement then it doesn't check any
> more allow/deny statements and allows access, so you need to deny for
> the times that people _can't_ access the whole web before your allow
> statement...
> Hope this is clear enough..
> -Brian
Received on Sat May 06 2000 - 01:04:54 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:53:17 MST