RE: [squid-users] Acl max_user_ip strange behavior?

Once again, many thanks for your help, now I think I understood the concept.
Not trying to abuse, but is there a way to put it into just one line or
max_user_ip must be alone?

Example that is working:

authenticate_ttl 3 hour
authenticate_ip_ttl 60 seconds
acl ip_unico max_user_ip -s 1
http_access deny ip_unico
http_access allow !deny_range !blacklist !download ldapauthentication

Replacement that I have tried but didn’t work

http_access allow !deny_range !blacklist !download !ip_unico
ldapauthentication

Regards,

>From: Henrik Nordstrom <hno@squid-cache.org>
>To: M J <mjardeli@hotmail.com>
>CC: squid-users@squid-cache.org
>Subject: RE: [squid-users] Acl max_user_ip strange behavior?
>Date: Sat, 3 Apr 2004 15:36:59 +0200 (CEST)
>
>On Sat, 3 Apr 2004, M J wrote:
>
> > I had one acl that some URLs can be accessed without authentication, but
> > when I put this acl before the acl max_user_ip users can go through
>without
> > authentication but if I put it after squid just ignore acl and ask for
> > authentication. Is that behavior right ?
>
>It is. max_user_ip requires authentication as it needs the login name to
>determine how many IP addresses this user is using.
>
>Squid asks for authentication as soon as it reaches a acl requiring a
>login name. Not only from proxy_auth acls. proxy_auth acls is just an acl
>for matching the login name to a list of logins.
>
>Other acls requiring login names are:
>
> proxy_auth
> proxy_auth_regex
> max_user_ip
> external, using an external_acl_type with %LOGIN
>
>Regards
>Henrik
>

_________________________________________________________________
MSN Messenger: converse com os seus amigos online.
http://messenger.msn.com.br
Received on Sat Apr 03 2004 - 08:01:53 MST