squid acl

Fórumok

Sziasztok ,

Segitseget szeretnek kerni. Nemigazan latom a hiba okat.
Adott egy ubuntu 9-04 server + Squid Cache: Version 2.7.STABLE3

Feltelepitettem , mukodik is (cachel, authentical) ,de ha beleirok ilyet a konfigjaba:

acl jofiuk src "/etc/squid/jofiuk.txt"
http_access allow jofiuk
ami arra lenne hivatott , h a jofiuk.txt-ben szereplo ipcimrol jovo keres eseten ne kerjen jelszot akkor ra sem bagozik.

Nem jovok ra mit nezek el de nagyon.
Segitsgeteket elore is koszonom
Sztupi

ps: ja a config:
auth_param basic program /usr/lib/squid/ncsa_auth /usr/etc/passwd
auth_param basic children 5
auth_param basic credentialsttl 3 hours
auth_param basic casesensitive off
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
url_rewrite_program /usr/local/bin/squidclamav

acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl purge method PURGE
acl CONNECT method CONNECT

acl users proxy_auth REQUIRED

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow users

acl jofiuk src /etc/squid/jofiuk.txt
http_access allow jofiuk

http_access allow localnet
http_access allow localhost

http_access deny all

icp_access allow localnet
icp_access deny all

http_port 3128

hierarchy_stoplist cgi-bin ?

access_log /var/log/squid/access.log squid

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320

acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]
upgrade_http0.9 deny shoutcast

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT

hosts_file /etc/hosts
coredump_dir /var/spool/squid

Hozzászólások

Udv.

Csak tipp es lehet oltari hulyeseg :)

Nem lehet, hogy a 'http_access allow jofiuk' -at a 'http_access allow users' ele kellene beszurni ?

Tenyleg csak tipp es talalgatas, de mintha a squid is nezne az ACLben a sorrendet, hogy ki van elobb. Ha ez igaz, akkor
kerni is fogja a jelszot, mivel a 'users' elobb szerepel mint a 'jofiuk' es ezaltal elobb kerul feldolgozasra.

Baromsag ez, vagy csak raereztem a lenyegre? :)

Udv
-krix