Change the order of the http_access statements:
http_access deny concurrent_browsing
http_access deny !password all
Then restart squid and test again.
Mit freundlichem Gruß/Yours sincerely
Werner Rost
GMT-FIR - Netzwerk
ZF Boge Elastmetall GmbH
Friesdorfer Str. 175
53175 Bonn
Deutschland/Germany
Telefon/Phone +49 228 3825 - 420
Telefax/Fax +49 228 3825 - 398
werner.rost@xxxxxx
Service Desk Meldungserfassung
Intranet: http://ahdzf01.emea.zf-world.com/ahd-web/create_inc.aspx
eMail an: hotline@xxxxxx
Telefon: 3600
-----Ursprüngliche Nachricht-----
Von: Marco Berizzi [mailto:pupilla@xxxxxxxxxxx]
Gesendet: Mittwoch, 4. Oktober 2006 09:35
An: squid-users@xxxxxxxxxxxxxxx
Betreff: Re: max_user_ip not working in squid-2.6S4
Chris Robertson wrote:
>Marco Berizzi wrote:
>>I have implemented max_user_ip acl with squid 2.6stable4
>>but users are able to browse the internet with a single account from
>>multiple clients (those in the 172.16.0.0/23 class). This is my
>>squid.conf:
>>
>>authenticate_ip_ttl 3600 seconds
>>
>>acl all src 0.0.0.0/0.0.0.0
>>acl mynet src 172.16.0.0/23
>>acl generali src 10.180.0.0/16
>>acl concurrent_browsing max_user_ip -s 1
>>acl password proxy_auth_regex "/etc/squid/allowusers"
>>acl password-generali proxy_auth_regex "/etc/squid/allowgenerali"
>>
>>http_access deny !password all
>>http_access deny concurrent_browsing
>>http_access allow password mynet
>>http_access allow password-generali generali
>>http_access deny all
>>
>>Hints?
>>
>>
>Have you adjusted the authenticate_ip_ttl? It seems to default to 0
>seconds (which I would take to mean that it doesn't keep a user-IP
>association).
Yes, I have adjusted to 3600 seconds (see above):
authenticate_ip_ttl 3600 seconds
