Marco Berizzi wrote:
> I have implemented max_user_ip acl with squid 2.6stable4
> but users are able to browse the internet with a single
> account from multiple clients (those in the 172.16.0.0/23
> class). This is my squid.conf:
>
> authenticate_ip_ttl 3600 seconds
>
> acl all src 0.0.0.0/0.0.0.0
> acl mynet src 172.16.0.0/23
> acl generali src 10.180.0.0/16
> acl concurrent_browsing max_user_ip -s 1
> acl password proxy_auth_regex "/etc/squid/allowusers"
> acl password-generali proxy_auth_regex "/etc/squid/allowgenerali"
>
> http_access deny !password all
> http_access deny concurrent_browsing
> http_access allow password mynet
> http_access allow password-generali generali
> http_access deny all
>
> Hints?
>
>
Have you adjusted the authenticate_ip_ttl? It seems to default to 0
seconds (which I would take to mean that it doesn't keep a user-IP
association).
Chris
Received on Tue Oct 03 2006 - 12:27:25 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST