LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-12-2004, 12:19 PM   #1
kcourser
LQ Newbie
 
Registered: Mar 2003
Posts: 13

Rep: Reputation: 0
squid authentication exceptions


I am testing Censornet for my local network of about 30 computers. It uses Dansguardian and Squid and is authenticating users from and samba pdc. I am manually editing the config files to allow my servers to access the internet without authentication but all attempts are not working. Here is the squid.conf excerpt of auth_param, http_access and acls:
__________________________________________________
auth_param basic program /usr/local/squid/libexec/msnt_auth
auth_param basic children 30
auth_param basic realm CensorNet HTTP Proxy Server
auth_param basic credentialsttl 300 seconds

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 81 # http
acl Safe_ports port 85
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-1074 # unregistered ports
acl Safe_ports port 1076-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl authenticated_users proxy_auth REQUIRED
acl censornet dst 192.168.0.3/255.255.255.255
acl censornet dst 127.0.0.1/255.255.255.255
acl ibox_src src 127.0.0.1/255.255.255.255
acl ibox_src src 192.168.0.3/255.255.255.255
acl dg_denied urlpath_regex dansguardian
acl blud_user proxy_auth __censornet_user__
acl s1 src 192.168.0.25/255.255.255.0
acl s2 src 192.168.0.40/255.255.255.0
acl s3 src 192.168.0.27/255.255.255.0
acl s4 src 192.168.0.200-192.168.0.204/255.255.255.0

http_access allow s1
http_access allow s2
http_access allow s3
http_access allow s4
http_access allow manager localhost
http_access deny manager
http_access deny censornet !dg_denied
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow authenticated_users ibox_src
http_access deny all

__________________________________________________

I though allowing s* first would let them pass through without auth prompt but it doesn't. Does anyone know how to do this?

Thanks
Kevin
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid Cache Site Exceptions?? win32sux Linux - Software 5 12-13-2004 09:28 AM
Squid Question - Add exceptions to cache cortj Linux - Networking 3 11-22-2004 10:41 AM
squid authentication agent bigote Linux - Newbie 0 09-23-2004 03:33 AM
Squid authentication gubak Linux - Networking 10 08-13-2004 09:31 AM
Squid - Authentication TechnoBod Linux - Networking 3 06-23-2003 08:19 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration