Bob Avery-Babel wrote:
> Good Morning all!
Good evening,
>
> Last friday I set up squid for the first time. I defined some access rules
> and they seemed to work fine. Here is what they look like:
>
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl mynetwork src 192.168.0.0/24
> acl workmachine src 207.xxx.xxx.xxx
> http_access allow localhost
> http_access allow mynetwork
> #http_access allow workmachine
> # And finally deny all other access to this proxy
> http_access deny all
>
> I could deny or allow access to my work machine here at work. If I allowed
> it then I could use the cache. If I commented it out, like above, I would
> get the cache denied page. Cool.
>
> So last night I put in some authentication lines:
>
> authenticate_program /usr/bin/smb_auth -W PARADISE
> acl domainusers proxy_auth REQUIRED
> http_access allow domainusers
>
> Now, even with my proxy supposedly denying my work machine I'm getting a
> username and password prompt. If I enter in a proper username and password
> combo I'm in.
>
> How does this authentication override the rule that says I can't connect
> from my work IP?
If i undesrtand correctly,
Try:
http_access allow domainusers !workmachine
Best regards,
Ilker G.
Received on Mon Jan 13 2003 - 10:41:54 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:39 MST