Re: Fwd: Re: [squid-users] Re: Bandwidth split?

Hmm, I'm used to 3.X branches, so that's probably why.

>>> "J Webster" <webster_jack_at_hotmail.com> 11/9/2010 11:33 AM >>>
It fails unless I add this line back in:
acl all src 0.0.0.0/0.0.0.0

--------------------------------------------------
From: "Chad Naugle" <Chad.Naugle_at_travimp.com>
Sent: Tuesday, November 09, 2010 5:07 PM
To: "J Webster" <webster_jack_at_hotmail.com>
Cc: <squid-users_at_squid-cache.org>
Subject: Fwd: Re: [squid-users] Re: Bandwidth split?

>
>
>>>> Chad Naugle 11/9/2010 11:03 AM >>>
> Make sure to check for line-wrapping, my email keeps doing that.
>
> ---------------------------------------------
> Chad E. Naugle
> Tech Support II, x. 7981
> Travel Impressions, Ltd.
>
>
>
>>>> "J Webster" <webster_jack_at_hotmail.com> 11/9/2010 10:59 AM >>>
> Hmm
> Thanks.
> I've made those changes but now squid won;t restart.
> I thought it was this line but I changed it and still no go:
>> # May need to tweak params, Class 1 means a total-server level
> bucket,
>> not per host.
>
>
> --------------------------------------------------
> From: "Chad Naugle" <Chad.Naugle_at_travimp.com>
> Sent: Tuesday, November 09, 2010 4:22 PM
> To: "J Webster" <webster_jack_at_hotmail.com>;
> <squid-users_at_squid-cache.org>
> Subject: Re: [squid-users] Re: Bandwidth split?
>
>> Make sure that your path to ncsa_auth is correct, and that your
>> squid_passwd file is correct.
>> A few modifications I've made below:
>>
>> ---------------------------------------------
>> Chad E. Naugle
>> Tech Support II, x. 7981
>> Travel Impressions, Ltd.
>>
>>
>>
>>>>> "J Webster" <webster_jack_at_hotmail.com> 11/9/2010 9:19 AM >>>
>> It is defines earlier in the conf as:
>>
>> # Moved
>> auth_param basic program /usr/lib/squid/ncsa_auth
>> /etc/squid/squid_passwd
>> auth_param basic realm "AName proxy server"
>> auth_param basic credentialsttl 2 hours
>> authenticate_cache_garbage_interval 1 hour
>> authenticate_ip_ttl 2 hours
>> # "all" should already be pre-defined.
>> #acl all src 0.0.0.0/0.0.0.0
>> acl manager proto cache_object
>> acl localhost src 127.0.0.1/255.255.255.255
>> acl cacheadmin src 88.xxx.xxx.xxx
>> acl to_localhost dst 127.0.0.0/8
>> acl SSL_ports port 443
>> acl Safe_ports port 80 # http
>> acl Safe_ports port 21 # ftp
>> acl Safe_ports port 443 # https
>> acl Safe_ports port 70 # gopher
>> acl Safe_ports port 210 # wais
>> acl Safe_ports port 1025-65535 # unregistered ports
>> acl Safe_ports port 280 # http-mgmt
>> acl Safe_ports port 488 # gss-http
>> acl Safe_ports port 591 # filemaker
>> acl Safe_ports port 777 # multiling http
>> acl Safe_ports port 1863 # MSN messenger
>> acl ncsa_users proxy_auth REQUIRED
>> acl maxuser max_user_ip -s 2
>> acl CONNECT method CONNECT
>> http_access deny manager
>> http_access deny !Safe_ports
>> http_access deny CONNECT !SSL_ports
>> http_access deny to_localhost
>> http_access deny maxuser
>> http_access allow localhost
>> # Moved
>> http_access allow ncsa_users
>> http_access deny all
>> icp_access allow all
>>
>> # Added from other email
>>
>> acl magic_words1 url_regex -i 192.168
>> acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .rpm
> .zip
>> .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov
>> # Does not make sense, disabled.
>> #acl restuser proxy_auth ncsa_users
>>
>> # Added nsca_users in a boolean AND fashion
>> delay_pools 3
>> delay_class 1 2
>> delay_parameters 1 -1/-1 -1/-1
>> delay_access 1 allow ncsa_users magic_words1
>> delay_access 1 deny all
>> delay_class 2 2
>> delay_parameters 2 5000/150000 5000/120000
>> delay_access 2 allow ncsa_users magic_words2
>> delay_access 2 deny all
>> # May need to tweak params, Class 1 means a total-server level
> bucket,
>> not per host.
>> delay_class 3 1
>> # 256 Kbit/s fill rate, 1024 Kbit/s reserve
>> delay_parameters 3 32000/128000
>> delay_access 3 allow ncsa_users
>> delay_access 3 deny all
>>
>>
>> --------------------------------------------------
>> From: "Chad Naugle" <Chad.Naugle_at_travimp.com>
>> Sent: Tuesday, November 09, 2010 3:10 PM
>> To: "J Webster" <webster_jack_at_hotmail.com>;
>> <squid-users_at_squid-cache.org>
>> Subject: Re: [squid-users] Re: Bandwidth split?
>>
>>> So, where is the ncsa_users acl definition? Is it a
>> external_acl_type,
>>> auth_param, or just a plan ACL ?
>>>
>>
>>
>>
>> Travel Impressions made the following annotations
>> -------------------------------------------------------------
>> "This message and any attachments are solely for the intended
> recipient
>> and may contain confidential or privileged information. If you are
> not
>> the intended recipient, any disclosure, copying, use, or
distribution
> of
>> the information included in this message and any attachments is
>> prohibited. If you have received this communication in error,
> please
>> notify us by reply e-mail and immediately and permanently delete
> this
>> message and any attachments.
>> Thank you."
>>
>
>
> Travel Impressions made the following annotations
> -------------------------------------------------------------
> "This message and any attachments are solely for the intended
recipient
> and may contain confidential or privileged information. If you are
not
> the intended recipient, any disclosure, copying, use, or distribution
of
> the information included in this message and any attachments is
> prohibited. If you have received this communication in error,
please
> notify us by reply e-mail and immediately and permanently delete
this
> message and any attachments.
> Thank you."
>

Travel Impressions made the following annotations
-------------------------------------------------------------
"This message and any attachments are solely for the intended recipient
and may contain confidential or privileged information. If you are not
the intended recipient, any disclosure, copying, use, or distribution of
the information included in this message and any attachments is
prohibited. If you have received this communication in error, please
notify us by reply e-mail and immediately and permanently delete this
message and any attachments.
Thank you."
Received on Tue Nov 09 2010 - 16:40:36 MST