RE: [squid-users] errors in cache.log; no connection data....... ..

Henrik, I am using a proxy_auth based ACL on http_reply_access. It seemed to
work fine when I tested it. I have one group that isn't allowed to download
files like mp3 and mpeg files and another group that is allowed to download
files off the internet. Or is http_reply_access not designed to work with a
proxy_auth based ACL?

Thanks,
Chris

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl http_ports port 80 443 563 10000
acl all_ports port 1-65535

acl CONNECT method CONNECT
acl restricted_users_websites dstdomain
"/etc/squid/restricted_users_websites.txt"
acl restricted_users_ip-addresses dst
"/etc/squid/restricted_users_ip-addresses.txt"
acl my_network src 172.16.0.0-172.25.0.0/255.255.0.0

acl unrestricted_users_no_download proxy_auth
"/etc/squid/unrestricted_users_no_download.txt"
acl restricted_users proxy_auth "/etc/squid/restricted_users.txt"
acl unrestricted_users_download proxy_auth
"/etc/squid/unrestricted_users_download.txt"

acl downloads rep_mime_type "/etc/squid/mime_type_blocked_download.txt"
acl blocked_urls url_regex "/etc/squid/blocked_urls.txt"
acl available_download_websites dstdomain
"/etc/squid/available_download_websites.txt"

[root@SQUID root]# grep _access /etc/squid/squid.conf
http_access allow manager localhost
http_access deny blocked_urls
http_access allow restricted_users restricted_users_websites http_ports
my_network
http_access allow restricted_users restricted_users_ip-addresses http_ports
my_network
http_access allow unrestricted_users_no_download all http_ports my_network
http_access allow unrestricted_users_download all all_ports my_network
http_access allow proxy_server http_ports my_network
miss_access allow all
http_access allow localhost
http_access deny all

http_reply_access allow available_download_websites
http_reply_access deny restricted_users downloads
http_reply_access deny unrestricted_users_no_download downloads
http_reply_access allow unrestricted_users_download downloads
http_reply_access allow all

icp_access allow all

[root@SQUID root]#

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Saturday, November 16, 2002 3:39 PM
To: Chris Tatro
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] errors in cache.log; no connection data.........

Seems you are trying to use a proxy_auth based ACL somewhere else than
in http_access. Maybe this is in a delay_pool_access or similar
directive.

"grep _access squid.conf", and make sure proxy_auth based ACLs is only
used in http_access.

Regards
Henrik

Chris Tatro wrote:
>
> I am running squid 2.5stable1 on redhat Linux with ntml authentication
> against a Windows NT domain controller. My question is why I am getting
> thousands of line in my cache.log saying the following. I have about
twenty
> users set up on the proxy right now but plan to add many more once I get
the
> bugs worked out. None of the users have complained about getting to
websites
> so I am assuming everything is working fine for them.
>
> 2002/11/15 14:26:03| authenticateAuthenticate: no connection data, cannot
> process authentication
>
> Thanks, Chris
Received on Thu Nov 21 2002 - 11:09:48 MST