RE: [squid-users] Transparent vs manual proxy

> -----Original Message-----
> From: Chris Knipe [mailto:savage@savage.za.org]
> Sent: Tuesday, May 24, 2005 3:47 AM
> To: squid-users@squid-cache.org
> Subject: Re: [squid-users] Transparent vs manual proxy
> Just a quick question while we're on this...
>
> Can the following setup work:
> 0.0.0.0/24 - Access with auth_basic
> x.x.x.x/24 - Access via http_accel (Transparent)
> y.y.y.y/24 - Access via manual proxy conf
>
> y.y.y.y and x.x.x.x must not be authenticated... Running the latest squid
2.5
> stable 8 (if I recall corectly). The above should be possible if the
ACLs
> are setup correctly right?
>
> --
> Chris.

Given the following ACLs:

acl manual src y.y.y.y/24
acl intercept src x.x.x.x/24
acl mynet src 1.2.3.0/24
acl authenticated proxy_auth REQUIRED

Something like the following should work:

http_access allow manual
http_access allow intercept
http_access deny !authenticated
http_access allow mynet

For the record, in the above example clients in x.x.x.x CAN be set up to
explicitly use the proxy, and (as long as interception is set up for them)
clients in y.y.y.y/24 can use the proxy implicitly. All the ACLs specify is
that those two subnets will not be prompted for authentication.

Chris
Received on Tue May 24 2005 - 11:26:15 MDT