Re: [squid-users] acl max_user_ip / authenticate_ip_ttl in squid 2.5pre7

From: Marco Berizzi <pupilla@dont-contact.us>
Date: Mon, 17 Jun 2002 13:57:18 +0200

Just downloaded and compiled squid 2.5.PRE7-20020616
Now all is fine. max_user_ip -s is working properly.

Thanks.

>From: Henrik Nordstrom <hno@squid-cache.org>
>To: "Marco Berizzi" <pupilla@hotmail.com>
>CC: squid-users@squid-cache.org
>Subject: Re: [squid-users] acl max_user_ip / authenticate_ip_ttl in squid
>2.5pre7
>Date: Fri, 14 Jun 2002 23:36:07 +0200
>
>I am having my night shift poking around in the Linux kernel.. I from
>Sweden by the way.
>
>Regards
>Henrik
>
>
>
>On Friday 14 June 2002 18:31, Marco Berizzi wrote:
> > Thanks Henrik. Monday I will try the snapshot.
> > Now I'm going home it's friday 18:30, I'm from Italy.
> >
> > Have a nice week-end.
> >
> >
> > From: Henrik Nordström <hno@squid-cache.org>
> >
> > >To: "Marco Berizzi" <pupilla@hotmail.com>
> > >CC: squid-users@squid-cache.org
> > >Subject: Re: [squid-users] acl max_user_ip / authenticate_ip_ttl
> > > in squid 2.5pre7
> > >Date: Fri, 14 Jun 2002 18:25:46 +0200
> > >
> > >Right. Now the max_user_ip acl forgot the number of allowed IP's,
> > > not allowing
> > >any..
> > >
> > >Fixed in the next snapshot.
> > >
> > >Regards
> > >Henrik
> > >
> > >Marco Berizzi wrote:
> > > > From: Henrik Nordström <hno@squid-cache.org>
> > > >
> > > > >To: "Marco Berizzi" <pupilla@hotmail.com>
> > > > >CC: squid-users@squid-cache.org
> > > > >Subject: Re: [squid-users] acl max_user_ip /
> > > > > authenticate_ip_ttl in
> > >
> > >squid
> > >
> > > > >2.5pre7
> > > > >Date: Thu, 13 Jun 2002 19:00:32 +0200
> > > > >
> > > > >Marco Berizzi wrote:
> > > > > > Here is:
> > > > > >
> > > > > > 172.16.1.116 - - [13/Jun/2002:14:20:01 +0200] "GET
> > >
> > >http://www.cert.org/
> > >
> > > > > > HTTP/1.0" 407 1358 TCP_DENIED:NONE
> > > > > > 172.16.1.116 - - [13/Jun/2002:14:20:01 +0200] "GET
> > >
> > >http://www.cert.org/
> > >
> > > > > > HTTP/1.0" 407 1358 TCP_DENIED:NONE
> > > > > > 172.16.1.116 - aive\mberizzi [13/Jun/2002:14:20:01 +0200]
> > > > > > "GET http://www.cert.org/ HTTP/1.0" 403 1012
> > > > > > TCP_DENIED:NONE
> > > > >
> > > > >So the logging of the username did work, and we should remove
> > > > > that
> > >
> > >message
> > >
> > > > >from cache.log.
> > > > >
> > > > > > then I have clicked on the refresh button:
> > > > >
> > > > >[... allowed]
> > > > >
> > > > >Which shows that the functionality similar to that of
> > > > >"authenticate_ip_ttl_is_strict off".
> > > > >
> > > > >Checking in the source I see that there is a undocumented
> > > > > option to
> > >
> > >make
> > >
> > > > >max_user_ip strict. Try specifying -s before the number of
> > > > > allowed IP addresses.
> > > > >
> > > > > acl concurrent_browsing max_user_ip -s 1
> > > >
> > > > My squid.conf now:
> > > >
> > > > ...
> > > > acl concurrent_browsing max_user_ip -s 10 ***(YES TEN)***
> > > > http_access deny concurrent_browsing
> > > > ...
> > > >
> > > > I can't browse from any wks now :-[
> > > > Now cache.log is always reporting:
> > > >
> > > > XXX aclMatchUserMaxIP returned 0, somebody bla bla bla
> > > >
> > > > PS: I have also tried to disable authenticate_ip_ttl,
> > > > but nothing has been changed. I have tested for both
> > > > NTLM and basic auth. Same behaviuor for both schema.
> > > >
> > > > Any other idea?

_________________________________________________________________
MSN Photos is the easiest way to share and print your photos:
http://photos.msn.com/support/worldwide.aspx
Received on Mon Jun 17 2002 - 05:58:20 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:42 MST