Re: [squid-users] Different ACLs for different interfaces on the same squidinstance

From: Kinkie <gkinkie_at_gmail.com>
Date: Wed, 25 Nov 2009 14:11:32 +0100

On Wed, Nov 25, 2009 at 1:02 PM, Gary Bennett <benngl_at_shands.ufl.edu> wrote:
> Thanks for the reference, Amos.  However, how do you set specific ACLs for each interface?
> That is, don't see a method for saying that we want 1.1.1.100 to be LDAP auth, but not 1.1.1.101.  Thanks, again.

You simply need not to depend on any user-identity clause. E.g.
structure your http_access lines as:

acl ipauth myip the_right_ip
acl okdests dst net1 net2 net3..
acl safe_ports ... # the snippets from the configuration interface
acl userdb proxy_auth user1 user2 ...

http_access allow http safe_ports ipauth okdests
http_access deny ipauth
http_access allow http safe_ports userdb
http_access deny all

Notice that this is an EXAMPLE: it misses protecting cachemgr, https,
ftp and all the other goodies which the default config takes care of.

-- 
    /kinkie
Received on Wed Nov 25 2009 - 13:11:40 MST

This archive was generated by hypermail 2.2.0 : Wed Nov 25 2009 - 12:00:06 MST