Search squid archive

RE: Problem with auth_param + delay_pools

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> -----Original Message-----
> From: Phillip Geiger [mailto:phillip.geiger@xxxxxxxxx]
> Sent: Tuesday, October 11, 2005 11:13 PM
> To: squid-users@xxxxxxxxxxxxxxx
> Subject:  Problem with auth_param + delay_pools
> 
> 
> Hello all,
> 

Cut description of problem...

> 
> Here's my squid.conf, which is mostly the default provided by my Linux
> firewall distribution (SmoothWall):
> 
> ==============================
> 

And bits of the squid.conf...

> 
> 
> auth_param basic program /usr/local/squid/bin/ncsa_auth
> /usr/local/squid/etc/squid_passwd
> auth_param basic children 5
> auth_param basic realm Firewall
> auth_param basic credentialsttl 2 hours
> 
> 
> 
> acl users1 src 192.168.36.3-192.168.36.250/32
> acl users2 proxy_auth REQUIRED
> acl all src 0.0.0.0/0.0.0.0
> acl localhost src 127.0.0.1/255.255.255.255
> 
> 
> http_access allow localhost
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports

I would try changing this line...

> http_access allow users1 users2

...to...

http_access deny !users2  # Require authentication
http_access allow users1  # If you get here, you are authenticated.

> #http_access allow localnet
> http_access deny all
> 
> 
> 
> 
> ##############################################################
> ##################
> # delay_pools config
> ##############################################################
> ##################
> 
> # define one class 2 pool
> delay_pools 1
> delay_class 1 2
> 
> # users1 follows the rules of pool 1
> delay_access 1 allow users1
> delay_access 1 deny all
> 
> # Everyone in users1 has access to the full bandwidth until
> # his 2 megabyte bucket is empty, then it refills at 4 kbyte/sec
> # 1 kbyte = 1024, 1 mb = 1048576
> 
> #delay_parameters 1 -1/-1 8192/4194304
> delay_parameters 1 -1/-1 4096/2097152
> 
> # everyone's bucket starts out full
> delay_initial_bucket_level 100
> 
> 
> refresh_pattern -i \.jpg$ 9000000 100% 9000009 override-expire
> refresh_pattern -i \.gif$ 9000000 100% 9000009 override-expire
> refresh_pattern -i \.png$ 9000000 100% 9000009 override-expire
> refresh_pattern -i \.exe$ 9000000 100% 9000009 override-expire
> 
> 
> redirect_program /usr/local/adzap/scripts/wrapzap
> 

Chris


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux