> Does anybody know how to use max_user_ip? > I have this acl in squid.conf
Sure. I'll combine it with the lines you provided from squid.conf to show how it fits. > acl password proxy_auth REQUIRED acl multiple max_user_ip -s 1 # Strictly limit user to 1 IP Address authenticate_ip_ttl 20 minutes # User has to wait 20 minutes before changing IP Address http_access deny multiple > http_access allow password > http_access deny all Without the -s, Squid will just randomly block some of the requests from the second IP address. Remember, authenticate_ip_ttl is clocked from the last request from a given IP. We're on a LAN with static IP addresses, so 20 minutes is acceptable; if you are serving dial-up users, you'll want to set it at about 45 second; if you're on a LAN using DHCP, 2 - 5 minutes probably. Adam --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.237 / Virus Database: 115 - Release Date: 3/7/2001
