Hello Everyone,
I have a mayor problem (maybe not so big) , and I hope that someone can help me.
I have 3 subnets (192.168.0.x;192.168.1.x;192.168.2.x) connecting to squid at ip adresses (192.168.0.250;192.168.1.250;192.168.2.250) which has 192.168.10.2 connecting to 192.168.10.1 (firewall). This info might not be important , but I wrote it down so you can visualise my network (to some degree).
My squid.conf looks like this :
http_port 3228
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/password auth_param basic children 5 auth_param basic realm Username And Pasword Required For Internet Access auth_param basic credentialsttl 30 minutes
cache_mem 64 MB maximum_object_size_in_memory 512 KB maximum_object_size 10000 KB
cache_dir ufs /proxy1/ 8000 16 256 cache_dir ufs /proxy2/ 8000 16 256
cache_mgr [EMAIL PROTECTED] cache_effective_user nobody cache_effective_group nobody
acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/32 acl SSL_ports port 443 563 acl Safe_ports port 80 8080 21 443 563 70 210 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT acl deny_ext urlpath_regex -i "/etc/squid/deny_ext"
acl FTP proto FTP always_direct allow FTP
acl authentic proxy_auth REQUIRED http_access allow authentic http_access deny deny_ext http_access deny all
redirect_program /usr/bin/squidGuard redirect_children 4
everything was beatifull when I was testing with one machine it asked for a code every time I opened a new explorer, but today when it started working for the three subnets 65-70 computers , it is sometimes asking passwords and sometimes not (maybe that 30min credentialttl is the problem or maybe I should use pam_auth instead of ncsa_auth), someone please give me some info about this, or correct the error in my squid.conf file so that it will work as it was meant to work. (always asking for a user name... currently I have only one username for internet access [hope that is not the cause of my current problem] but I will be using many usernames, one for each user who needs internet)
Sincerely
Robert B
