Re: [squid-users] Denying user access based on proxy_auth

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Tue, 02 May 2006 18:26:43 +0200

tis 2006-05-02 klockan 09:05 -0700 skrev Geoff Varney:

> acl denied_users proxy_auth_regex -i '/etc/squid2/denied_users'
>
> where the denied_users file has a list of users who are not allowed access
> in the form of: john.smith

shouldn't that be a proxy_auth acl, not proxy_auth_regex?

> name "smith" to my denied_users file. Now not only is "smith" denied
> access, but also "john.smith".

Right, and this is because you are using the regex variant of the ACL so
what you place in the file should be regex patterns, not usernames.

  man 7 regex

> I have tried removing the regex piece (acl
> denied_users proxy_auth '/etc/squid2/denied_users' and that doesn't seem to
> block anyone.

Should work.

> I have also tried (with and without regex piece) making the
> names in denied_users in the form of domain\john.smith, but that also
> doesn't block anyone.

What does access.log say in the username field? The list of users needs
to follow the same format (minus URL-encoding).

Regards
Henrik

Received on Tue May 02 2006 - 10:27:05 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:01 MDT