Re: [squid-users] http_acces list problem: list searching doesnt terminates from Robert Collins on 2003-09-27 (squid-users)

From: Robert Collins <robertc@dont-contact.us>
Date: Sun, 28 Sep 2003 08:32:32 +1000

On Sat, 2003-09-27 at 05:56, Horvath Katalin wrote:

> Its a Debian Woody box, with 2.4.28 kernel. I downloaded squid 2.5
> stable 3 source from www.squid-cache.org, "debianized" it with deb-make
> command. My debian/rules files is:

You could just use apt-get source to get a pre debianised sources, with
the full configure line. In fact, IIRC, the debian sources enable ntlm.

> http_access deny badusers
> http_access allow AuthorizedUsers
> http_access allow our_networks

This is your problem:
authorised users in the badusers list will be blocked.
Unauthorised users will be allowed.

I suggest:
# prevent brute force external attacks on user passwords
http_access deny !our_networks
# require authentication
http_access deny !AuthorizedUsers
# block bad users
http_access deny badusers
# allow everything else
http_access allow all

Rob

-- 
GPG key available at: <http://members.aardvark.net.au/lifeless/keys.txt>.

application/pgp-signature attachment: This is a digitally signed message part

Received on Sat Sep 27 2003 - 16:32:41 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:03 MST