mån 2006-07-03 klockan 13:06 +0700 skrev RdBSD: > before i have squid 2.5.stable 13 and then i want to transparent and > get authentication in each user who's connected to internet using > their browser.
Not possible I am afraid. This is not something you can do in a proxy using proxy authentication. You will need to implement a separate authentication system keeping track of your users and reporting the user name to Squid via external_acl_type.. > And then i found squid2.6 stable which support > auth-on-accell. Yes, but it's litterally what it says. Authentication in accelerator mode infront of YOUR web servers under your administrative control, not when transparently intercepting traffic to other web servers. Proxy authentication requires the browser to be configured to use the proxy. Authentication in accelerator mode is web server authentication, unique to each web server and for that web server only. > my problem is howto make transparent proxy in squid > 2.6stable ?. Similar to 2.5, except that you use the word transparent in the http_port line instead of the "httpd_accel_host virtual" thing one used in 2.5.. But unfortunately a small bug crept in into 2.6.STABLE1 in the transparent interception mode. See bug #1650. > http_port ip-proxy:3128 transparent vhost vport=80 defaultsite=virtual > protocol=http > cache_peer ip-sibling sibling 8080 3130 no-query originserver This is a typical reverse proxy setup, not transparent proxy.. A transparent proxy setup looks more like http_port ip-proxy:3128 transparent and due to bug #1650 you will also need the following until a patch is available if you don't have any parent proxies the request should be forwarded to: always_direct allow all patch will be available shortly. Regards Henrik
signature.asc
Description: Detta är en digitalt signerad meddelandedel
