Search squid archive

Re: squid asking for authentication repeatedly

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 14/12/17 11:32, Paul Hackmann wrote:
Amos,

I will do an update to the most recent version and see if that helps. It was one of those situations where if it ain't broke, don't fix it. And up until now, it has worked very well.

You are right, I had brain fade about port 4120.  It should NOT ask for authentication ever, and only connect to whitelisted sites, which is what I want.

I've made the changes you recommended to the conf file.  So far, everything seems to be working as I expect it to.  Thank you!

One more question if you don't mind.  I am trying to add some ip addresses as whitelisted for port 4120.  I guess I can't add those to the whitelist file, because it's formatting doesn't work with IP addresses?

Sort of. dstdomain can accept IPs for matching against raw-IP text strings in URLs where domain should have been. But does not do ranges like you need there.

So yes dst is the one to use there.

However, be aware that it will match if *any* IPs for the domain being fetched is in your whitelist set. It has nothing to do with whether that matching dst-IP is actually used by Squid on the server connection. To workaround that is where explicitly configuring "never_direct allow all" comes in handy.


  I read that you can add them into the conf file.  I've created the following acl line:

acl 8x8 dst 8.5.248.0/23 8.28.0.0/22 63.209.12.0/24 162.221.236.0/23 162.221.238.0/23 192.84.16.0/22

and I tried to add 8x8 to the the http_access line:

http_access allow whitelist 8x8

but when I did that, the 4120 port started asking for authentication, which is wrong. Can you tell me how to open those ip address ranges for port 4120?


Your use of http_access is not quite right.

see <https://wiki.squid-cache.org/SquidFaq/SquidAcl#Common_Mistakes>


Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux