Hi, I am new to everything Linux as of 2 days ago and I'd like a bit of guidance on something.. bear with me, I'm ultra new, but loving it... My setup so far: I'm configuring a 2.6 Squid box forwarding to a parent proxy - OK I'm using NTLM authentication, with fall back of Basic - OK I am testing with PCs and Macs visiting bbc.co.uk video (or any other Akamai serving site)- NOT OK PC browsers are fine, but my Safari Mac is having problems sending the POST back to the Akamai server(s) in question. This is not unusual and I've dealt with this before successfully on other proxies (BlueCoat and MS ISA 2006). I can give more details on what I see in the logs but basically on the BC and ISA I add a rule to bypass authentication if the URL contains '/open/1' or http://*:1935/. I just can't get my head around what ACLs and http_access I need to put in! He's the ACL part of my squid.conf. For simplicity, I'm just trying to allow un-authenticated access if the URL contains the work 'open' but ideally I'd like http://*/open/1 and http://*:1935/open/1 == acl all proxy_auth REQUIRED acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl QUERY urlpath_regex cgi-bin \? acl apache rep_header Server ^Apache acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl bypass url_regex pattern -i open http_access allow bypass http_access allow localhost http_access allow all http_reply_access allow all === However, my access log still shows: === 1248263503.555 13 172.16.0.57 TCP_DENIED/403 1471 POST http://92.122.125.63/open/1 - NONE/- text/html 1248263504.223 19 172.16.0.57 TCP_DENIED/403 1481 POST http://92.122.125.63:1935/open/1 - NONE/- text/html 1248263513.577 19 172.16.0.57 TCP_DENIED/403 1479 POST http://92.122.125.63:443/open/1 - NONE/- text/html == I know it's the POST part that breaks the whole thing (and have tried POST in squid to no avail..) Any and all help and direction would be gratefully received by this n00b Nickcx -- View this message in context: http://www.nabble.com/Bypass-NTLM-authentication-on-regex-in-URL-tp24604896p24604896.html Sent from the Squid - Users mailing list archive at Nabble.com.
