Hi all, it's me again, just a simple question
--
I've configured an squid 2.7 with ntlm auth and i want to let some AD users to listen spotify
My problem is that spotify streaming is being blocked by squid to this group and idk why. Maybe another syntax problem?
here's my squid.conf
###########################SQUID.CONF
visible_hostname prana
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5
auth_param ntlm keep_alive on
external_acl_type ntlm_group ttl=3600 children=100 %LOGIN /usr/lib/squid/wbinfo_group.pl
acl porno url_regex -i "/etc/squid/listas/porno.lst"
acl permitidos dstdomain -i "/etc/squid/listas/permitidos.lst"
acl directo url_regex -i "/etc/squid/listas/direct.lst"
acl vidyaud rep_mime_type -i "/etc/squid/listas/blockstr.lst"
acl useragent browser -i "/etc/squid/blockejec/browser.lst"
acl blockstr req_mime_type -i "/etc/squid/blockejec/blocstreaming.lst"
acl blockejec url_regex -i "/etc/squid/blockejec/blockejec.lst"
acl audyvid req_mime_type -i "/etc/squid/listas/blockstr.lst"
acl blockstr2 rep_mime_type -i "/etc/squid/blockejec/blocstreaming.lst"
acl destinolimitado dstdomain -i "/etc/squid/listas/limitado.lst"
acl all src all
acl CONNECT method CONNECT
acl manager proto cache_object
acl webserver src 192.168.8.121/255.255.255.255
http_access allow manager webserver
http_reply_access allow manager webserver
http_access deny manager
http_access deny porno all
http_reply_access deny porno all
acl uservipstr external ntlm_group "/etc/squid/listas/uservipstr.lst"
http_access deny blockejec uservipstr
http_access allow uservipstr
http_reply_access allow uservipstr
http_access deny blockstr !uservipstr all
http_reply_access deny blockstr !uservipstr all
http_access deny blockstr2 !uservipstr all
http_reply_access deny blockstr2 !uservipstr all
http_access deny audyvid !uservipstr all
http_access deny vidyaud !uservipstr all
http_reply_access deny audyvid !uservipstr all
http_reply_access deny vidyaud !uservipstr all
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl Safe_ports port 78 69 #Spotify
# Deny requests to unknown ports
#http_access allow Safe_ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
acl ntlm proxy_auth REQUIRED
http_access allow ntlm
http_reply_access allow ntlm
http_access deny all
http_reply_access deny all
###########
thank you all
Jonathan Filogna
It Senior
Tasso SRL
4702 1910
4702 1910
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users