Am 29.09.2010 13:24, schrieb Amos Jeffries: > On 29/09/10 20:09, Bob Kromonos Achten wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> I have a "little" problem with my lighttpd server, reaching over squid >> web proxy. >> When I configure browser, to use proxy, I could?'t enter username and >> password for mod_auth secured directorys. I directly get a "Not >> authenticated" error. >> What do I need to configure in squid.conf to such a folder correctly? >> >> Another problem is, that facebook chat did?'t work with use of a squid >> web cache proxy. Need help there too, to configure squid correctly. > > What do you expect us to say? > * The default access controls all permit these things to work. > * mod_auth, lighthttpd and other such www server authentication is not > related to Squid and passed through untouched. > > Amos yay, you're right .. problem with mod_auth was gone .. thank you for hinting me to www server authenication .. I had request_header_access WWW-Authenticate deny all in my configuration .. also reply_header_access WWW-Authenticate deny all. Just the facebook chat application don't want to work -.- I've attached my squid.conf file. Maybe you can see my fault there I made.
acl manager proto cache_object acl webserver src 10.0.0.2 acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 acl localnet src 10.0.0.0/8 acl localnet src 192.168.0.0/16 acl localnet src fc00::/7 acl localnet src fe80::/10 acl kromkrom src 2001:4dd0:ff00:56::2 acl BAD_DOMAINS dstdom_regex -i "/etc/squid/bad_domains" acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 901 # SWAT acl CONNECT method CONNECT http_access deny BAD_DOMAINS http_access allow manager localhost http_access allow manager webserver http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access allow localhost http_access allow kromkrom http_access deny all icp_access allow localnet icp_access deny all htcp_access allow localnet htcp_access deny all htcp_clr_access deny all ident_lookup_access allow all http_port 8080 cache_peer squidi.kromonos.net sibling 8080 3130 default hierarchy_stoplist cgi-bin ? cache_mem 1024 MB cache_dir ufs /public/misc/squid.cache 20480 16 256 access_log /public/misc/squid.cache/access.log cache_store_log /public/misc/squid.cache/store.log logfile_rotate 10 pid_filename /var/run/squid.pid coredump_dir /var/cache/squid refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 request_header_access User-Agent deny all reply_header_access User-Agent deny all header_replace User-Agent Mozilla/5.0 (X11; U; Linux 2.6.35.3-SquidSheep; de-DE) Gecko/20100402 Epiphany/2.31.3 visible_hostname "yinichi.kromonos.net" dns_nameservers 10.0.0.2
