(logIn only challenges and fetches auth if it is tested, it is only
tested when the IP is in 'other_subnet').
But I need a username/password box to be sent to the user by default unless the
IP address = 212.234.34.43
The above comment sounds like it will only send a username/password request
On 01/05/11 20:38, J. Webster wrote:
(logIn only challenges and fetches auth if it is tested, it is only
tested when the IP is in 'other_subnet').
But I need a username/password box to be sent to the user by default unless the
IP address = 212.234.34.43
The above comment sounds like it will
How they interact is entirely up to you and your configuration.
The http_access lists are a full-blown boolean programming language with
hundreds of ACL permutations and paths you can configure.
It is perfectly possible to configure in a way where they don't
interact, BUT you need to
Both yes and no and no.
Yes to something, any scripting or executable language can be used.
Via *external_acl_type* (NOT auth_param).
STDIN passes the username and password but how does squid pass the IP address
to the squid helper?
On 30/04/11 22:31, J. Webster wrote:
Both yes and no and no.
Yes to something, any scripting or executable language can be used.
Via *external_acl_type* (NOT auth_param).
STDIN passes the username and password but how does squid pass the IP address
to the squid helper?
On 30/04/11 22:46, J. Webster wrote:
Something has gone wrong external ACL should not be getting the username
and password. It should be getting the IP address on STDIN.
Of the examples, that I can find they all talk about the username and password
bewing sent from squid:
Ah, that tutorial is about writing an authentication helper (ie
ncsa_auth). Not an ACL helper.
The difference being that external_acl_type ACL helpers auth*orize* the
request permission to do something in Squid because it matches an IP
used by some username.
auth_param helpers
On 01/05/11 05:00, J. Webster wrote:
Ah, that tutorial is about writing an authentication helper (ie
ncsa_auth). Not an ACL helper.
The difference being that external_acl_type ACL helpers auth*orize* the
request permission to do something in Squid because it matches an IP
used by some
On 30/04/11 02:56, J. Webster wrote:
Is it possible to run 2 squids on the same server? I have an existing
proxy that has ncsa auth via direct connections to the proxy. I would
also like to route port 80 traffic from a VPN through a transparent
proxy but without any authentication. Is this
yes. yes. wrong. no it does not.
You seem very confused about Squid capabilities...
- *add* a second http_port with intercept flag (or transparent if
its an old Squid).
- configure iptables to pass the VPN port 80 traffic *to* that new
Squid port.
- configure iptables to prevent direct
On 30/04/11 04:50, J. Webster wrote:
yes. yes. wrong. no it does not.
You seem very confused about Squid capabilities...
- *add* a second http_port with intercept flag (or transparent if
its an old Squid).
- configure iptables to pass the VPN port 80 traffic *to* that new
Squid port.
-
So, I can do this all with one squid service listening on different ports?
Yes.
Out of interest, I had a post the other day: proxy external ip address
acl
You mentioned that adding an extra authentication would mess with the
existing ncsa auth.
Can I therefore add a 2nd
On 30/04/11 06:03, J. Webster wrote:
So, I can do this all with one squid service listening on
different ports?
Yes.
Out of interest, I had a post the other day: proxy external ip
address acl You mentioned that adding an extra authentication
would mess with the existing ncsa auth. Can I
If by forwarded you mean NAT. Authentication is not possible. See the
FAQ about why.
http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#Why_can.27t_I_use_authentication_together_with_interception_proxying.3F
Are there any examples for having 2 authentication methods run at
once?
On 30/04/11 07:38, J. Webster wrote:
If by forwarded you mean NAT. Authentication is not possible. See the
FAQ about why.
http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#Why_can.27t_I_use_authentication_together_with_interception_proxying.3F
Are there any examples for having 2
15 matches
Mail list logo
