Re: [squid-users] If not authenticated don´t ask for it.
Thank you! Seems to working fine now. On 5/9/07, Henrik Nordstrom <[EMAIL PROTECTED]> wrote: ons 2007-05-09 klockan 14:25 +0200 skrev Patrik Hansson: > Hello. > > I´v just gotten squid installed and working with NTLM and AD Groups. > > What i whant is to block some files for normal users, like .exe, .zip > and so on but give admins the right to download them. > > I made two AD groups named "allowinet" and "admininet". > If a normal user is trying to download an .exe he gets presented with > a login dialog. > I don´t whant that..i whant my "NOTE_FILETYPES_FILTERED" displayed to > the user directly. Then the last acl on the http_access deny line must not be related to logins. Example: if you have http_access deny downloads normalusers you can simply switch the two acls http_access deny normalusers downloads or alternatively add a dymmy acl last on the line acl denied_download_message src 0.0.0.0/0 http_access deny downloads normalusers denied_download_message then use this acl in deny_info to select the proper error message deny_info ERR_BLOCKED_DOWNLOAD denied_download_message Regards Henrik
Re: [squid-users] If not authenticated don´t ask for it.
ons 2007-05-09 klockan 14:25 +0200 skrev Patrik Hansson: > Hello. > > I´v just gotten squid installed and working with NTLM and AD Groups. > > What i whant is to block some files for normal users, like .exe, .zip > and so on but give admins the right to download them. > > I made two AD groups named "allowinet" and "admininet". > If a normal user is trying to download an .exe he gets presented with > a login dialog. > I don´t whant that..i whant my "NOTE_FILETYPES_FILTERED" displayed to > the user directly. Then the last acl on the http_access deny line must not be related to logins. Example: if you have http_access deny downloads normalusers you can simply switch the two acls http_access deny normalusers downloads or alternatively add a dymmy acl last on the line acl denied_download_message src 0.0.0.0/0 http_access deny downloads normalusers denied_download_message then use this acl in deny_info to select the proper error message deny_info ERR_BLOCKED_DOWNLOAD denied_download_message Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
[squid-users] If not authenticated don´t ask for it.
Hello. I´v just gotten squid installed and working with NTLM and AD Groups. What i whant is to block some files for normal users, like .exe, .zip and so on but give admins the right to download them. I made two AD groups named "allowinet" and "admininet". If a normal user is trying to download an .exe he gets presented with a login dialog. I don´t whant that..i whant my "NOTE_FILETYPES_FILTERED" displayed to the user directly. If i cancel the login request i get the "Cache Access Denied" error message and if i enter my admin credentials i get to download it. This is what i put in squid.config: acl normalusers external nt_group allowinet acl adminusers external nt_group admininet acl blockedfiles urlpath_regex -i "/etc/squid/blockedfiles.acl" http_access deny blockedfiles normalusers http_access allow normalusers http_access allow adminusers deny_info NOTE_FILETYPES_FILTERED blockedfiles Thanks in andvanced /Patrik Hansson