Our company has a proxy server running on RH8.0. My job is to setup a second proxy server that will be acting as a primary proxy for another location. The OS I am using is CentOS 4.1, which came loaded with squid-2.5.STABLE6-3.4E.5. I copied the ACLs from the production proxy server. I am in the process of trying to see if everything is working properly, but it seems the squid.conf is not reading the users.txt, powerusers.txt, or anything with the acl [name] proxy_auth "" configuration. I am able to get to sites listed in the whitelist.txt. Outside of that, I cannot go anywhere (such as www.google.com). The production server allows this. I added .google.com to the whitelist.txt on the machine I am trying to setup, and then it works, but I do not understand why it is not working without being in the whitelist.txt. Below are my squid.conf acl settings. The part I thought would allow me to access google or other not whitelist.txt sites (other than blacklist, and sites for powerusers) was the acl AuthLimitedUsers proxy_auth REQUIRED What am I missing? --------------------------------------------------- acl DoNotCacheWebSites dstdomain "/etc/squid/rules/donotcachewebsites.txt" acl Freemarkets dstdomain .freemarkets.com acl MyTextron dstdomain .mytextron.com acl WComNet dstdomain .wcom.net acl Corrlink dstdomain .weyerhaeuser.com acl SchwabPlan dstdomain .schwabplan.com acl LindWaldock dstdomain .lind-waldock.com acl BrownListWebsites dstdomain "/etc/squid/rules/brownlist.txt" acl BlackListWebsites dstdomain "/etc/squid/rules/blacklist.txt" acl BlackListIpAddresses dst "/etc/squid/rules/blacklistipaddr.txt" acl BlackListIpAddress1 dst 64.73.35.120 acl OpenAccessWhiteListWebsites dstdomain "/etc/squid/rules/openaccesswhitelist.txt" acl OpenAccessWhiteListIpAddresses dst "/etc/squid/rules/openaccesswhitelistipaddr.txt" acl WhiteListWebsites dstdomain "/etc/squid/rules/whitelist.txt" acl WhiteListIPAddresses dst "/etc/squid/rules/whiteipaddr.txt" acl AuthLimitedUsers proxy_auth REQUIRED acl AuthPowerUsers proxy_auth "/etc/squid/rules/powerusers.txt" acl AuthIPAddresses src "/etc/squid/rules/poweripaddresses.txt" acl AuthSafeAccessUsers proxy_auth "/etc/squid/rules/users.txt" acl OverRideBrownListUsers proxy_auth "/etc/squid/rules/ovrdbrownlist.txt" #http_access allow manager all http_access allow manager our_networks #http_access allow all open_for_ip_address http_access allow all Freemarkets http_access allow all MyTextron http_access allow all Corrlink http_access allow all SchwabPlan http_access allow all WcomNet http_access allow all LindWaldock http_access allow all AuthSafeAccessUsers http_access allow all AuthPowerUsers http_access allow all AuthIPAddresses http_access allow all OpenAccessWhiteListWebsites http_access allow all OpenAccessWhiteListIpAddresses http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny to_localhost http_access deny !our_networks http_access allow BrownListWebsites OverRideBrownListUsers http_access deny all BrownListWebsites http_access deny all BlackListWebsites http_access deny all BlackListIpAddresses http_access deny all BlackListIpAddress1 #http_access allow all AuthSafeAccessUsers http_access allow WhiteListWebsites AuthLimitedUsers http_access allow WhiteListIPAddresses AuthLimitedUsers http_access deny all --------------------------------------------------------
