[squid-users] wccp patch for kernel 2.4.19

Dear all
can anybody give me the ip_wccp v2 patch for kernel 2.4.19

   Regards

   Sukhjit Singh
   Network Administrator
   Emmsons Infotech Ltd.
   SCO 13-14-15, Sec 34A,
   Chandigarh-160 022
   (Ph): +91 172 606664
   Mobile 9815228132
   sukhjits@emmtel.com
   http://www.emmtel.com

----- Original Message -----
From: "Gavin Hamill" <gavin@bytel.net.uk>
To: <squid-users@squid-cache.org>
Sent: Tuesday, April 01, 2003 4:12 PM
Subject: Re: [squid-users] NTLM questions (sorry)

> > Gavin,
> > I know how you feel I battled with winbind and these problems for ages
and
> > finally it all worked. Below is the relevant parts of my squid.conf.
>
> I'm /almost/ there :) winbindd now seems to work fine, and I can
> successfully limit squid access only to those who authenticate using
NTLM...
> those currently logged into the domain see no pop-up password prompt, and
> those roaming can just tap in their on-site user/password/domain into the
> box...
>
> However, the grail is to achieve two things:
>
> 1) Members of the 'Domain Admins' group are allowed proxy access to any
> site, at any time of day
> 2) All other authenticated users are only permitted to use a set list of
> websites during office hours.
>
> At present, if I reference anything relating to NT groups, I just get
> 'Access Denied' from squid..
>
> Here's my entire squid.conf for 2.5.STABLE2, verbatim:
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> hierarchy_stoplist cgi-bin ?
>
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
>
> auth_param ntlm program /usr/lib/squid/wb_ntlmauth
> auth_param ntlm children 5
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
>
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
>
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
>
> external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group
> acl domainadmins external NT_global_group "Domain Admins"
>
> acl domainmember proxy_auth REQUIRED
>
> acl localhost src 127.0.0.1/255.255.255.255
>
> acl lan src 80.76.192.0/255.255.255.0
>
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 # https
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl purge method PURGE
> acl CONNECT method CONNECT
>
> http_access allow manager localhost
> http_access deny manager
> http_access allow purge localhost
> http_access deny purge
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
>
> acl morning time MTWHF 09:00-12:59
> acl afternoon time MTWHF 14:00-16:59
> acl whitelist dstdomain "/etc/squid.whitelist"
>
> http_access allow localhost
>
> # admins should get full access, whenever, wherever.
> http_access allow domainmember domainadmins
>
> # non-admins can only look at certain sites during office hours ...
> http_access deny domainmember morning !whitelist
> http_access deny domainmember afternoon !whitelist
> # ... and all sites outside office hours.
> http_access allow domainmember
>
> # non-auth'd users get nada
> http_access deny all
>
> http_reply_access allow all
>
> icp_access allow all
> coredump_dir /var/spool/squid
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>
> As it stands, this config does not work as I want because members of
'Domain
> Admins' group are assigned the same privileges as normal NTLM-auth'd
users.
> I don't understand this, because:
>
> wintermute:~# /usr/lib/squid/wb_group
> floss "Domain Admins"
> OK
>
> I've also tried surrounding the Domain Admins group name with single and
> double-quoted in squid.conf, but this has made no difference
>
> As always, I'm interested in suggestions :)
>
> Cheers,
> Gavin.
>
>
Received on Tue Apr 01 2003 - 04:36:28 MST