On 1/11/20 12:27 pm, roee klinger wrote:
Thanks Amos!
I updated "auth_param basic credentialsttl" according to your advice and
it is working great.
I am still having issues with the "tcp_outgoing_address 192.168.8.12
acl_for_user3002" part, you mentioned:
> For ACLs with values that are expected to change often it is best to use
> an external_acl_type helper that manages the updates or fetches from
> somewhere the updates are handled without a reload.
My script updates the authenticator successfully, but when I update "acl
acl_for_user3002 proxy_auth user2" to the new username I have to
reconfigure to take effect.
I read online for hours but to my best understanding external_acl_type
are for auth and access control, but they don't work for my needs I believe.
Is there any way to use external_acl_type in a way I don't understand to
solve this problem? Do I have to reconfigure every time I make changes
to an ACL in squid.conf?
Some directives have to produce allow/deny result immediately, without
waiting for a helper to respond. The details are documented here:
<https://wiki.squid-cache.org/SquidFaq/SquidAcl>
In modern Squid you can use a helper to set annotations which are
checked with the "note" ACL type in the fast checks.
It sounds a bit like you are trying to tie IPs to individual users.
Please be aware that breaks the multiplexing and persistence features of
HTTP, which is a major performance loss.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
