[squid-users] ident users

From: Sam Carleton <sam@dont-contact.us>
Date: Thu, 26 Dec 2002 10:47:49 -0500

I am trying to configure squid's acl so that anyone on one
network has access to the cache, and only current folks on
another network have access. The first network is the
192.168.0.0/24 and is working fine. The second network is the
172.16.0.0/24 and is not working, but then I don't have a clue
as to what I am doing. Currently 172.16.0.0/24 does not have
access to squid with the current ACL setting.

would someone be a kind sole and take a look at the below
configureation and enlighten me to what is wrong:

#Recommended minimum configuration:
acl myclients src 192.168.0.0/24
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access allow myclients

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

acl ident_aware_hosts src 172.16.0.0/255.255.255.0
ident_lookup_access allow ident_aware_hosts
ident_lookup_access deny all

Sam
Received on Thu Dec 26 2002 - 08:47:52 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:12 MST