[squid-users] re Howto conf. Squid to allow lan without username password

 Hello ,

 thank you for the fast response, but will this work the way I would like it
 to :

 I don't allow any users to go to the internet without authentication, ...
 I wan't to allow all my users to be able to view webpages that are
 192.168.x.x without username / password. (security camera stuff)

 currently if you type http://192.168.1.109 (which is a security camer
server
 webpage) squid asks for a password, I wish that squid would not ask for a
 password.

 acl lan src 192.168.0.0/24
 http_access allow lan

 will allow these users to use the internet without password as well?

 my current squid.conf looks like this : (so you can better understand my
 current situation)

 http_port 3228
 auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/password
 auth_param basic children 5
 auth_param basic realm Username And Password Required For Internet Access
 auth_param basic credentialsttl 8 hours
 cache_mem 48 MB
 maximum_object_size_in_memory 256 KB
 maximum_object_size 1024 KB
 cache_dir ufs /proxy1/ 6000 14 256
 cache_dir ufs /proxy2/ 6000 14 256
 cache_mgr brobiwbe@*********
 cache_effective_user nobody
 cache_effective_group nobody
 forwarded_for off
 acl all src 0.0.0.0/0.0.0.0
 acl manager proto cache_object
 acl localhost src 127.0.0.1/32
 acl Dangerous_ports port 7 9 19 22 23 25 53 109 110 119
 acl CONNECT method CONNECT
 acl deny_ext urlpath_regex -i "/etc/squid/deny_ext"
 acl nem_cachelunk dstdomain .google.com
 no_cache deny nem_cachelunk
 acl nem_cachelunk2 dstdomain .deltabanka.co.yu
 no_cache deny nem_cachelunk2
 acl microsoft_update dstdomain .microsoft.com
 acl microsoft_update2 dstdomain .download.windowsupdate.com
 acl helpserver dstdomain .helpserver.vir
 acl FTP proto FTP
 always_direct allow FTP
 acl deltabank dstdomain .deltabanka.co.yu
 acl authentic proxy_auth internet
 acl masterUser proxy_auth master
 acl bridge_univerzal src 192.168.1.200
 acl alstar_mail src 192.168.2.200
 acl teszt_cucc src 192.168.1.211
 acl bridge_capriolo src 192.168.0.200
 acl robi src 192.168.1.197
 acl shops src "/etc/squid/prod_banned"
 acl workTime time MTWHF 06:00-17:00
 http_access deny Dangerous_ports
 http_access allow helpserver
 http_access deny shops workTime
 deny_info ERR_PROD_BANNED shops workTime
 http_access allow microsoft_update
 http_access allow microsoft_update2
 http_access allow deltabank
 http_access allow masterUser
 http_access deny deny_ext
 http_access allow bridge_univerzal
 http_access allow bridge_capriolo
 http_access allow alstar_mail
 http_access allow teszt_cucc
 http_access allow robi
 http_access allow authentic
 http_access deny all
 redirector_access deny masterUser
 redirect_program /usr/bin/squidguard
 redirect_children 4

 Sincerely
 Robert B

 ----- Original Message -----
 From: "Kashif Ali Bukhari" <kbukhari@gmail.com>
 To: "Robert Becskei" <brobiwbe@stcable.co.yu>
 Cc: <squid-users@squid-cache.org>
 Sent: Tuesday, July 19, 2005 10:14
 Subject: Re: [squid-users] Howto conf. Squid to allow lan without username
 password

 ok
 u can allows Ur
 192.168.x.x before authentications
 like

 acl lan src 192.168.0.0/24
 http_access allow all

 Note: and in next line write authentication acls

 On 7/19/05, Robert Becskei <brobiwbe@stcable.co.yu> wrote:
> Hello everyone,
>
> I have my proxy server running on the same computer which is my router,
> the
> problem is (till I seperate the two,...which I will but later)
> that squid asks for username/password for lan computers as well, is there
> a
> way to tell squid to allow 192.168.x.x without username / password ?
>
> Sincerely
> Robert B
>
>

 --
 Syed Kashif Ali Bukhari
 Network Associate Asia Net
 Cell :- +92-345-4244813 , +92-300-4295604
 Ph +92-42-111-111-202 Fax +92-42-5840905
 MSN:- kbukhari@msn.com ; kashif.bukhari@asia.net.pk
 http://asia.net.pk , http://asiatec.biz
Received on Tue Jul 19 2005 - 02:34:25 MDT