[squid-users] authenticated users and different Internet access level

From: Yannick MASSE/INFO/FR/DELMAS <masse@dont-contact.us>
Date: Thu, 6 Feb 2003 11:41:24 +0100

I'm running Squid 2.5 Stable4 on Linux Mandrake 8.2
Squid_auth_ldap helper to authenticate users coming into our network
through our gateway

I have to authenticate users that come from our gateway only (others don't
need to autheticate)
And I have to set different Internet access level for these users.
Squid can see only one IP for these users: the gateway IP

So I set up 3 users groups (auth_burkina,auth_zongo, auth_libre) and 3
different access level (d_delmas,d_zongo,d_libre)
Here is my squid.conf
#====================================================
#acl for users who don't need to authenticate
#everything is ok and work fine

acl D_LIBRE dst all
acl D_DELMAS dstdomain .google.com ...
...
#====================================================
#rules for users who need to authenticate
#our gateway
acl PASSERELLE src 172.16.0.14

#groups
acl AUTH_BURKINA proxy_auth burkina REQUIRED
acl AUTH_ZONGO proxy_auth zongo REQUIRED
acl AUTH_LIBRE proxy_auth ballion REQUIRED

#destination
acl D_ZONGO dstdomain .voila.fr

#rules
http_access allow PASSERELLE AUTH_BURKINA D_DELMAS
http_access allow PASSERELLE AUTH_ZONGO D_ZONGO
http_access allow PASSERELLE AUTH_LIBRE D_LIBRE
#=====================================================

My problem is :
after my users authenticate successfully,
auth_burkina should only access to d_delmas but they access also to
d_zongo and d_libre.
auth_zongo should only access to d_delmas and d_zongo but they access alos
to d_libre.

How can I make auth_burkina group access only to d_delmas
auth_zongo access only to d_delmas and d_zongo
auth_libre access only to d_libre?

What am I doing wrong?

Please help
Thanks and regards
Yannick Masse
Received on Thu Feb 06 2003 - 03:42:38 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:15 MST