This is because max_user_ip requires the user to log in in order to
identify the user, so when the user is required to log in the acl who
denied them access anonymously was "multiple-login-normal".
You should be able to use
http_access deny imsd-users multiple-login-normal
to get around this.
Regards
Henrik
Abdul-Azeez wrote:
>
> Hi all ,
> I am running squid2.5 STABLE1. and I use proxy_auth to authenticate my
> users.
> I also used the "max_user_ip -s" to limit login from more than one computer
> and this work's well. I want users who attempt to break this second rule
> to see a custom message but it seems to work funnily.
>
> The custom message is now displayed both when a user enters a wrong password
> (or
> none at all) and when multiple login is attempted from 2 PCs.
> Part of my ACL are shown below
> .
> acl multiple-login-normal max_user_ip -s 1 # max no. of login by user from
> diff. IP addresses
> .
> acl all-cib-staff src 128.1.0.0/16 #all users in the in CIB
> .
> acl imsd-users proxy_auth REQUIRED # users in systems dept.
> .
> acl working-hours time MTWHF 08:00-17:00 # official bank working hours
> .
> .
> deny_info mult-log-normal multiple-login-normal
> http_access deny multiple-login-normal
> http_access allow all-cib-staff !working-hours
> http_access allow imsd-users
> http_access deny all-cib-staff
> .
>
> Can someone please tell me what I am doing wrong? Or suggest better
> ACL lines to implement my plan.
>
> Abdul
Received on Tue Dec 31 2002 - 06:13:02 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:16 MST