> Does anybody know how to use max_user_ip?
> I have this acl in squid.conf
Sure. I'll combine it with the lines you provided from squid.conf to show
how it fits.
> acl password proxy_auth REQUIRED
acl multiple max_user_ip -s 1 # Strictly limit user to 1 IP Address
authenticate_ip_ttl 20 minutes # User has to wait 20 minutes before changing
IP Address
http_access deny multiple
> http_access allow password
> http_access deny all
Without the -s, Squid will just randomly block some of the requests from the
second IP address.
Remember, authenticate_ip_ttl is clocked from the last request from a given
IP. We're on a LAN with static IP addresses, so 20 minutes is acceptable; if
you are serving dial-up users, you'll want to set it at about 45 second; if
you're on a LAN using DHCP, 2 - 5 minutes probably.
Adam
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.237 / Virus Database: 115 - Release Date: 3/7/2001Received on Wed Jul 02 2003 - 09:24:47 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:48 MST