[squid-users] Proxy Forward Question?
I have an Internet Security and acceleration server running at one of my sites what I would like to do is forward the request from that server to a squid server. However The IAS server uses Active directory for authentication and then squid server uses LDAP as it's authentication backend. When I try to forward the IAS server it just keeps asking for a username and password. How do I get the squid server to accept the credentials or at least just allow the IAS server through without asking for credentials. Carinus -- This e-mail and its contents are subject to the South African Medical Research Council e-mail legal notice available at http://www.mrc.ac.za/about/EmailLegalNotice.htm
[squid-users] Selective Parent Routing Query.
I have a group of users that want to have an adsl link of their very own but I would still like them to use my proxy server. I have a firewall that can run squid and seperates the adsl from my normal network. I would like to know is squid can do this. Take the requesting IP number and then match to a IP number in a file if the IP number is in the File then redirect the HTTP request to another parent and not on the normal parent I have sepcified. Carinus -- This e-mail and its contents are subject to the South African Medical Research Council e-mail legal notice available at http://www.mrc.ac.za/about/EmailLegalNotice.htm
[squid-users] ACL Is this right
I have the following config working so that it allows the use of an ID from only a certain IP number (thanks to squidrunner for that) and then outputs a custom error message when the ID is use from another ip number but now I need to expand the use of the ID to a few more computers. I have seen that you can use a file and populate your variable into that. Would the new config work as that ACL? Original Config acl USERS proxy_auth REQUIRED acl dlid proxy_auth temp acl comp src ip NUMBER http_access deny dlid !comp http_access allow USERS !dlid http_access deny all deny_info ERR_USERID_RESTRICTED comp New Config acl USERS proxy_auth REQUIRED acl dlid proxy_auth temp acl comp src ./ip.txt http_access deny dlid !comp http_access allow USERS !dlid http_access deny all deny_info ERR_USERID_RESTRICTED comp IP.txt Ip Number Ip Number
[squid-users] What am I doing wrong (ACL help request)?
I have defined this acl's in my squid.conf file. What i would like to access the user id temp from only one computer. If someone tries to authenticate using that user id from another pc it must be denied. What am I doing wrong? auth_param basic program /usr/local/squid/bin/auth/squid_auth_ldap -f /usr/local/squid/bin/auth/squid_auth_ldap.conf auth_param basic children 5 acl USERS proxy_auth REQUIRED acl dlid proxy_auth temp acl comp src ipnum/netmask http_access allow comp dlid http_access allow USERS http_access deny all Carinus
[squid-users] User name only used from a specific IP number
I would like to know if it is possible to allow a username to only authenticate from a specific IP number or a range of number. So in other words i want UserA to only have internet access using his id from his pc. if he goes to another PC or another IP number then it must not allow him to authenticate. Is this possible and if so where can I get a look at a config example. Thanks in advance for the help. Carinus
[squid-users] Forwarding login and password from a 2.4 proxy to a 2.5 proxy
I have installed the new version of squid 2.5 but i would like to test it under load and I want to use the cache_peer to forward all requests to the new proxy for a few days just to test everything. I would like it to just forward the login credentials to the new proxy what is the equivalent to login=PASS in the 2.4 version. My old proxy is a 2.4 version. I have the forwarding working the other way. From 2.5 to a 2.4 proxy. I would now like to make it work the other way I have tried various permutations of the command below including login=PASS at the end of the line can some please help me by telling me the right way to do this. It just keeps popping up the login box. Squid Cache: Version 2.4.STABLE7 cache_peer parent.domain.com parent 3128 3130 no-query default login=user:password.
[squid-users] {Spam?} acl help please
I have a program that synchronises using the proxy. however I keep getting this error message in the cache.log file. 2005/05/11 08:25:51| The request CONNECT ip number:port is DENIED, because it matched 'password' Ho can I bypass the password acl I have and allow the CONNECT method just for the ipnumber:port . Carinus
[squid-users] DNS and ACL
I wonder if someone can maybe help with this. I would like to setup my squid proxy to block any boxes that do not have adns entry. So in other words I want to ensure that the box is properly registered in teh dns before they are allowed squid access. Can this be done and does someone mybe have a config example I can have a look at. Carinus
[squid-users] authentication and virtual http web servers
I have a a few http web servers which point to www addressess on my proxy server I have ldap auhentication I would like to bypass authentication for those http servers but only those ones adn authenticate for the rest of the http traffic can anyone point me in the right direction. Carinus
[squid-users] Load balancing query
I have two external networks connected and I have one proxy server that is servicing about 500 users. I would like the squid box to do some load balancing across the two external link so that the http traffic does not just go through the one link. Is this possible and how do i go about setting this up. Carinus