there is an entire wiki article to this exact topic.
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Bypass
every matching http_access line before the required auth is
unauthenticated. the http_access line requiring auth and all matching
http_access lines after it are authenticated.
On Tue, 2013-06-04 at 13:06 +0200, Josef Karliak wrote:
> Hi,
> I wanna let some IPs bypass radius authorization, like a server IP.
> Another users and theirs computers must authorized. So I've this in
> the squid.conf:
>
> auth_param basic program /usr/bin/basic_radius_auth -f /etc/radius_config
> auth_param basic children 5
> auth_param basic realm Authorized access
> auth_param basic credentialsttl 5 minute
> auth_param basic casesensitive on
>
> acl auth proxy_auth REQUIRED
>
> http_access allow auth
> http_access deny all
>
> I thought that I'll have vip IPs in some file and tell squid that this
> source IP's will have an access to the internet free without
> authorization:
>
> auth_param basic program /usr/bin/basic_radius_auth -f /etc/radius_config
> auth_param basic children 5
> auth_param basic realm Authorized access
> auth_param basic credentialsttl 5 minute
> auth_param basic casesensitive on
>
> acl auth proxy_auth REQUIRED
> acl vip src "/etc/squid/vip_bypass_auth.txt"
>
> http_access allow auth
> http_access allow vip
> http_access deny all
>
>
>
> File "/etc/squid/vip_bypass_auth.txt" contains IP 192.168.4.51 - my testing PC
>
> But an internet browser in the testing PC asks for login and password,
> after escaping it the "access to squid is denied" :-/
>
> What did I missed ?
>
> Thanks for kicks to the right way and best regards
> J.Karliak.
>
Received on Tue Jun 04 2013 - 11:17:10 MDT
This archive was generated by hypermail 2.2.0 : Tue Jun 04 2013 - 12:00:10 MDT