Search squid archive

Re: cache_peer selection based on username

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hey Amos,
Thanks, I fixed the keys with the proper "_" character.
Seems like I was in a hurry and did some config mistakes, "proxy0.2" and "proxy0.3" are supposed to be "proxy1" and "proxy2".
Regarding the helper, I also forgot to mention, I am using 2 helpers, one for IP whitelisting and one for username authentication,
in the example I provided I am using IP whitelisting, the naming is wrong, please see the fixed config.

acl mynote1 note mykey_ note1
acl mynote2 note mykey_ note2

external_acl_type IP_whitelist_external children-max=20 ttl=300 %>lp %>a script.sh
acl whitelisted_IP external IP_whitelist_external
http_access allow whitelisted_IP

nonhierarchical_direct off
never_direct allow all
cache_peer 192.168.8.1 parent 101 0 proxy-only default name=proxy1
cache_peer_access proxy1 allow mynote1
cache_peer_access proxy1 deny all
cache_peer 192.168.8.2 parent 102 0 proxy-only default name=proxy2
cache_peer_access proxy2 allow mynote2
cache_peer_access proxy2 deny all

Then, on the external helper, I return one of these two:

OK mykey=note1
OK mykey=note2

For the authentication helper, I did not look into it but contrary to my belief it seems auth_param does not support defined keywords,
so I guess I will have to follow your advice by adding %un to my user_whitelist_external helper, is there any way to do this with auth_param?
what exactly do you mean to send it as a group name?

Roee.



On Tue, Jan 12, 2021 at 11:59 AM Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
On 12/01/21 9:17 pm, Eliezer Croitoru wrote:
> Hey Amos,
>
> One thing that the auth helper cannot do with this note is the ttl.
> The auth ttl is different then the request IP binding/routing.

That can be added in via the the key_extras detail.

Though I am still worried that the OP *only* asked about routing by
"username" then their apparently working solution has nothing to do with
users or usernames at all.


Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux