Hello Everyone,
I have a mayor problem (maybe not so big) , and I hope that someone can help
me.
I have 3 subnets (192.168.0.x;192.168.1.x;192.168.2.x) connecting to squid
at ip adresses (192.168.0.250;192.168.1.250;192.168.2.250) which has
192.168.10.2 connecting to 192.168.10.1 (firewall). This info might not be
important , but I wrote it down so you can visualise my network (to some
degree).
My squid.conf looks like this :
http_port 3228
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/password
auth_param basic children 5
auth_param basic realm Username And Pasword Required For Internet Access
auth_param basic credentialsttl 30 minutes
cache_mem 64 MB
maximum_object_size_in_memory 512 KB
maximum_object_size 10000 KB
cache_dir ufs /proxy1/ 8000 16 256
cache_dir ufs /proxy2/ 8000 16 256
cache_mgr ********@*******.**.**
cache_effective_user nobody
cache_effective_group nobody
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl SSL_ports port 443 563
acl Safe_ports port 80 8080 21 443 563 70 210 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl deny_ext urlpath_regex -i "/etc/squid/deny_ext"
acl FTP proto FTP
always_direct allow FTP
acl authentic proxy_auth REQUIRED
http_access allow authentic
http_access deny deny_ext
http_access deny all
redirect_program /usr/bin/squidGuard
redirect_children 4
everything was beatifull when I was testing with one machine it asked for a
code every time I opened a new explorer, but today when it started working
for the three subnets 65-70 computers , it is sometimes asking passwords and
sometimes not (maybe that 30min credentialttl is the problem or maybe I
should use pam_auth instead of ncsa_auth), someone please give me some info
about this, or correct the error in my squid.conf file so that it will work
as it was meant to work. (always asking for a user name... currently I have
only one username for internet access [hope that is not the cause of my
current problem] but I will be using many usernames, one for each user who
needs internet)
Sincerely
Robert B
Received on Mon Sep 06 2004 - 07:11:59 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:02 MDT