I'm running Squid 2.5 Stable4 on Linux Mandrake 8.2
Squid_auth_ldap helper to authenticate users coming into our network
through our gateway
I have to authenticate users that come from our gateway only (others don't
need to autheticate)
And I have to set different Internet access level for these users.
Squid can see only one IP for these users: the gateway IP
So I set up 3 users groups (auth_burkina,auth_zongo, auth_libre) and 3
different access level (d_delmas,d_zongo,d_libre)
Here is my squid.conf
#====================================================
#acl for users who don't need to authenticate
#everything is ok and work fine
acl D_LIBRE dst all
acl D_DELMAS dstdomain .google.com ...
...
#====================================================
#rules for users who need to authenticate
#our gateway
acl PASSERELLE src 172.16.0.14
#groups
acl AUTH_BURKINA proxy_auth burkina REQUIRED
acl AUTH_ZONGO proxy_auth zongo REQUIRED
acl AUTH_LIBRE proxy_auth ballion REQUIRED
#destination
acl D_ZONGO dstdomain .voila.fr
#rules
http_access allow PASSERELLE AUTH_BURKINA D_DELMAS
http_access allow PASSERELLE AUTH_ZONGO D_ZONGO
http_access allow PASSERELLE AUTH_LIBRE D_LIBRE
#=====================================================
My problem is :
after my users authenticate successfully,
auth_burkina should only access to d_delmas but they access also to
d_zongo and d_libre.
auth_zongo should only access to d_delmas and d_zongo but they access alos
to d_libre.
How can I make auth_burkina group access only to d_delmas
auth_zongo access only to d_delmas and d_zongo
auth_libre access only to d_libre?
What am I doing wrong?
Please help
Thanks and regards
Yannick Masse
Received on Thu Feb 06 2003 - 03:42:38 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:15 MST