On 15/09/2013 7:54 a.m., Ralph LoBianco wrote:
Hi, Right now I have squid setup with Multiple IPS and its working fine like
this.
acl ip1 myip 192.168.1.101
acl ip2 myip 192.168.1.102
acl ip3 myip 192.168.1.103
acl ip4 myip 192.168.1.104
acl ip5 myip 192.168.1.105
acl ip6 myip 192.168.1.106
Note that "myip" does not work reliably. It has been replaced by localip
and myportname ACL types where the localip ACL matches the IP at the
Squid end of the client TCP connection and myportname matches the
https_port/https_port Squid received that connection at (Note that these
things are different for some traffic modes).
tcp_outgoing_address 192.168.1.101 ip1
tcp_outgoing_address 192.168.1.102 ip2
tcp_outgoing_address 192.168.1.103 ip3
tcp_outgoing_address 192.168.1.104 ip4
tcp_outgoing_address 192.168.1.105 ip5
tcp_outgoing_address 192.168.1.106 ip6
But I want to limit what IP's certain users have access to like this..
User1 to have access to ip1 ip2 and ip3
User2 to have access to ip1 only
User3 to have access to ip1 ip2 ip3 ip4
User4 to have access to ip1 ip2
How would I accomplish this? This ACL stuff has me a little confused. Not
sure if I can use multiple ACLS to do this, etc.
This is best doen with an external ACL helper
(http://www.squid-cache.org/Doc/man/)
Under "Access Controls" there are two helpers checking "userip".
Note the "ext_userip_file_acl" helper is available in older Squid
versions than 3.2, but by a different name and undocumented. If
necessary you can build the 3.2 sources with that helper and copy the
resulting helper binary into an existing older Squid installation.
Amos
