Augusto Casagrande wrote:
Hi everyone.
I'm having delay pools issues.
I've had declared 3 delay pools , and i'had made 3 different groups in
3 text files, each file contains the name of the user corresponding to
the navegation speed
I'had declared INFO as the highest privilege group, GRAL as standard
navegation group , and REST as restricted navegation group.
My problem , is that apparently my rule is not work, as all the users
ara allowed in the delay_pool 1, and nobody are allowed in the other 2
delay_pools.
I guess the problem is in the delay_access section...?
My squid.conf section :
delay_pools 3
delay_class 1 3
delay_class 2 3
delay_class 3 3
delay_access 1 allow info !gral !rest
While explicit as it is, this line would be better expressed (and
simpler for Squid to parse) as...
delay_access 1 allow info
...assuming "info", "gral" and "rest" don't have any overlap. If there
is overlap, the original is fine.
delay_access 1 deny gral rest
This line says deny access to delay pool 1 for the intersection of gral
AND rest.
Since there are no further delay_access rules for pool 1, there is an
implicit "delay_access 1 allow all" after. What you should have is...
delay_access 1 deny all
delay_access 2 allow gral !rest
delay_access 2 allow gral
delay_access 2 deny rest
delay_access 2 deny all
delay_access 3 allow rest
delay_access 3 deny all
delay_parameters 1 -1/-1 -1/1024000 15000/512000
delay_parameters 2 -1/-1 30000/1024000 7000/512000
delay_parameters 3 -1/-1 30000/1024000 3000/512000
acl info proxy_auth_regex -i "/etc/squid/info.txt" REQUIRED
acl gral proxy_auth_regex -i "/etc/squid/gral.txt" REQUIRED
acl rest proxy_auth_regex -i "/etc/squid/rest.txt" REQUIRED
I have to imagine that the delay_parameters and ACLs are defined above
the delay_access lines that reference them, as Squid reads the config
file in a linear fashion.
Thanks in advice !
Chris