Re: [squid-users] authenticate users not in IPrange only

From: Henrik Nordstrom <hno@dont-contact.us>
Date: 06 Feb 2003 14:40:10 +0100

Veryfy your http_access rules. Keep in mind that it is a ordered list of
rules. The first http_access rule where all listed acls evaluate to true
determines if the request is to be allowed or denied.

Regards
Henrik

tor 2003-02-06 klockan 14.11 skrev Yannick MASSE/INFO/FR/DELMAS:
> I want to authenticate users who are not in a IP range.
>
> here is my squid.conf
> #============================================
> acl MyNetwork src 172.16.10.1-172.16.10.255
>
> acl GoodSites dstdomain .google.com .yahoo.com ...
>
> http_access allow MyNetwork GoodSites
>
> acl MyComputer src 172.16.10.1
> http_access allow MyComputer all
>
> #User to authenticate
> acl auth_user proxy_auth foo bar
> http_access allow auth_user GoodSites
> http_access deny auth_user all
>
> #deny all others
> http_access deny all
> #============================================
>
> The problem is:
> all user in My network are prompted with user/password except MyComputer
> If I set "http_access allow MyComputer all" to "http_access allow
> MyComputer GoodSites" then MyComputer is prompt to athenticate too!
> Why users in my IP range are prompt for auth?
>
> I'm running squid 2.4 stable4 on Linux Mandrake 8.2 with squid_auth_ldap
> helper program
>
>
> thanks and reagrds
>
> Yannick

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden
Received on Thu Feb 06 2003 - 06:40:17 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:16 MST