Hi,
Thanks for the comments.
This is what I want to implement :
1/ requests from different users for specific domains being forwarded to
other proxy as user kaiweb. All other requests going to the default parent
to the internet with normal defined acl's.
2/ this other proxy (only being used for this purpose) does not authenticate
kaiweb and allows this user to go everywhere on the internet
It is important users do not see this account, so cannot abuse internet
access using it.
I have been playing around with it and do not get it working properly.
Forwarding to an other proxy using kaiweb for specific domains does not
work. I assume using cache_peer login=user:pass means one of the 2 proxies
still have to authenticate. I also found I cannot use smb_auth on the one
proxy and ntlm_auth on the other, so it would be smb_auth on both.
I have it configured like this and it does not forward anything to the other
proxy for the specific domains. Probably I am overlooking something.
On the parent proxy I have configured port 8888 and authentication required
disabled.
On the proxy the users are connecting, I have :
cache_peer 138.249.161.5 parent 8888 0 proxy-only no-query no-digest
no-netdb-exchange login=kaiweb:pass
cache_peer 138.249.118.136 parent 8080 8081 no-digest no-netdb-exchange
acl course dstdomain "/etc/squid/coursedomains"
acl internetacl proxy_auth REQUIRED
acl courseusr proxy_auth "/var/squid/auth/course-users"
cache_peer_access 138.249.161.5 allow course courseusr
cache_peer_access 138.249.118.136 allow course !courseusr
http_access allow course
http_access allow courseusr
http_access allow internetacl
http_access deny all
never_direct allow all
prefer_direct off
I have no errors but the forwarding to the other proxy does not work. Any
suggestions what I might be doing wrong?
Hope someone can help, have some suggestions.
regards,
./koen
Received on Thu Mar 28 2002 - 07:33:55 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:10 MST