Re: [squid-users] Re: Bandwidth split?

From: Chad Naugle <>
Date: Tue, 09 Nov 2010 10:22:44 -0500

Make sure that your path to ncsa_auth is correct, and that your
squid_passwd file is correct.
A few modifications I've made below:

Chad E. Naugle
Tech Support II, x. 7981
Travel Impressions, Ltd.

>>> "J Webster" <> 11/9/2010 9:19 AM >>>
It is defines earlier in the conf as:

# Moved
auth_param basic program /usr/lib/squid/ncsa_auth
auth_param basic realm "AName proxy server"
auth_param basic credentialsttl 2 hours
authenticate_cache_garbage_interval 1 hour
authenticate_ip_ttl 2 hours
# "all" should already be pre-defined.
#acl all src
acl manager proto cache_object
acl localhost src
acl cacheadmin src
acl to_localhost dst
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 1863 # MSN messenger
acl ncsa_users proxy_auth REQUIRED
acl maxuser max_user_ip -s 2
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access deny maxuser
http_access allow localhost
# Moved
http_access allow ncsa_users
http_access deny all
icp_access allow all

# Added from other email

acl magic_words1 url_regex -i 192.168
acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .rpm .zip
.rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov
# Does not make sense, disabled.
#acl restuser proxy_auth ncsa_users

# Added nsca_users in a boolean AND fashion
delay_pools 3
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow ncsa_users magic_words1
delay_access 1 deny all
delay_class 2 2
delay_parameters 2 5000/150000 5000/120000
delay_access 2 allow ncsa_users magic_words2
delay_access 2 deny all
# May need to tweak params, Class 1 means a total-server level bucket,
not per host.
delay_class 3 1
# 256 Kbit/s fill rate, 1024 Kbit/s reserve
delay_parameters 3 32000/128000
delay_access 3 allow ncsa_users
delay_access 3 deny all

From: "Chad Naugle" <>
Sent: Tuesday, November 09, 2010 3:10 PM
To: "J Webster" <>;
Subject: Re: [squid-users] Re: Bandwidth split?

> So, where is the ncsa_users acl definition? Is it a
> auth_param, or just a plan ACL ?

Travel Impressions made the following annotations
"This message and any attachments are solely for the intended recipient
and may contain confidential or privileged information. If you are not
the intended recipient, any disclosure, copying, use, or distribution of
the information included in this message and any attachments is
prohibited. If you have received this communication in error, please
notify us by reply e-mail and immediately and permanently delete this
message and any attachments.
Thank you."
Received on Tue Nov 09 2010 - 15:23:00 MST

This archive was generated by hypermail 2.2.0 : Tue Nov 09 2010 - 12:00:02 MST