LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-11-2011, 02:45 AM   #1
fernfrancis
Member
 
Registered: Feb 2009
Location: Goa(India)-Sharjah(UAE)
Distribution: RHEL,centos,fedora,ubuntu
Posts: 229

Rep: Reputation: 18
iwsva


hi guys

I am configuring squid in IWSVA
this is my configuration given below




#
# Recommended minimum configuration:
#
acl manager proto cache_object
acl localhost src 127.0.0.1/32
#IPv6 Not Available: acl localhost src ::1/128
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
#IPv6 Not Available: acl to_localhost dst ::1/128

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
#IPv6 Not Available: acl localnet src fc00::/7 # RFC 4193 local private network range
#IPv6 Not Available: acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl SSL_ports port 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

acl intranet dstdomain xbe.airarabia.com airarabia.com airarabia.int www.airarabia.int rm.airarabia.com budgetplus.airarabia.com cesar.airarabia.com emma.solution.aero hr.airarabiauae.com airarabia.isaaviations.com aa-cvs sps.airarabiauae.com ithelpdesk.airarabiauae.com G9.airarabia.int shjabyfc.airarabiauae.com

#
# Recommended minimum Access Permission configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager

# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
http_access allow all

# Squid normally listens to port 3128
#http_port 3128 transparent
http_port 3128

# We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?

# Uncomment and adjust the following to add a disk cache directory.
# cache_dir ufs /var/spool/squid 200 16 256
cache_dir ufs /var/spool/squid 200 16 256
# cache_mem 64 MB
cache_mem 64 MB
# maximum_object_size_in_memory 32 KB
maximum_object_size_in_memory 32 KB
minimum_object_size 0 KB
# maximum_object_size 10240 KB
maximum_object_size 10240 KB
# forwarded_for on
forwarded_for transparent

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid
#logformat squid %ts.%03tu %6tr %>a %ui %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname IWSVA # IWSVA Network added entry
cache_peer proxy1.emirates.net.ae parent 8080 0 default no-query login=PASS
never_direct allow all
#access_log none
cache_store_log none
always_direct allow intranet


i use ldap authentication method for users to login

the problem i am facing is that in the access log generated i dont get to see the username , IP address of the user authenticated

can anyone help me with this
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off




All times are GMT -5. The time now is 07:08 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration