Re: [squid-users] 24h trusted IP

From: Will Roberts <>
Date: Wed, 10 Aug 2011 17:31:42 -0400

On Wed, Aug 10, 2011 at 12:56 PM, alexus <> wrote:
> 2) add ip for 24h to a trusted list, so it will not prompt for
> userid/password until 24h is expired

Add an external_acl_helper that checks against a list of trusted IPs.
It's up to you to maintain that list, but that shouldn't be hard. I
don't have the 24 hour constraint, but needed to allow certain IPs to
not require user/pass, so here's my helper:


while true
 read LINE
 RESULT=`sed -n s/"$LINE "//p /etc/squid3/auth.ips`
 if [ -z "$RESULT" ]; then
   echo ERR 2> /dev/null
   echo OK user=$RESULT 2> /dev/null

 if [ $? -ne 0 ]; then
   exit 1;

The auth.ips file looks like: user1 user2

Then in squid.conf I have this to define the helper:

external_acl_type ipauth children=1 %SRC /etc/squid3/
acl ip-auth external ipauth

Then you allow access using ip-auth before your current acl that prompts.

Received on Wed Aug 10 2011 - 21:31:49 MDT

This archive was generated by hypermail 2.2.0 : Thu Aug 11 2011 - 12:00:01 MDT