FYI access.log 1433958220.321 227 192.168.27.81 TCP_MISS/504 0 CONNECT wevhbpyvhx.spotilocal.com:4370 proxyvipstr DIRECT/127.0.0.1 - 1433958220.421 2 192.168.27.81 TCP_MISS/504 0 CONNECT wevhbpyvhx.spotilocal.com:4371 proxyvipstr DIRECT/127.0.0.1 - 1433958220.595 3 192.168.27.81 TCP_MISS/504 0 CONNECT wevhbpyvhx.spotilocal.com:4372 proxyvipstr DIRECT/127.0.0.1 - 1433958220.664 2 192.168.27.81 TCP_MISS/504 0 CONNECT wevhbpyvhx.spotilocal.com:4373 proxyvipstr DIRECT/127.0.0.1 - 1433958220.795 2 192.168.27.81 TCP_MISS/504 0 CONNECT wevhbpyvhx.spotilocal.com:4374 proxyvipstr DIRECT/127.0.0.1 - 1433958220.812 1 192.168.27.81 TCP_MISS/504 0 CONNECT wevhbpyvhx.spotilocal.com:4375 proxyvipstr DIRECT/127.0.0.1 - 1433958220.824 2 192.168.27.81 TCP_MISS/504 0 CONNECT wevhbpyvhx.spotilocal.com:4376 proxyvipstr DIRECT/127.0.0.1 - 1433958220.838 1 192.168.27.81 TCP_MISS/504 0 CONNECT wevhbpyvhx.spotilocal.com:4377 proxyvipstr DIRECT/127.0.0.1 - 1433958220.853 1 192.168.27.81 TCP_MISS/504 0 CONNECT wevhbpyvhx.spotilocal.com:4378 proxyvipstr DIRECT/127.0.0.1 - 1433958220.877 3 192.168.27.81 TCP_MISS/504 0 CONNECT wevhbpyvhx.spotilocal.com:4379 proxyvipstr DIRECT/127.0.0.1 -
2015-06-10 14:39 GMT-03:00 Jonathan Filogna <jonathan.filo...@tasso.com.ar>: > Hi all, it's me again, just a simple question > > I've configured an squid 2.7 with ntlm auth and i want to let some AD > users to listen spotify > > My problem is that spotify streaming is being blocked by squid to this > group and idk why. Maybe another syntax problem? > > here's my squid.conf > > > ###########################SQUID.CONF > > visible_hostname prana > > auth_param ntlm program /usr/bin/ntlm_auth > --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 > auth_param ntlm keep_alive on > > > external_acl_type ntlm_group ttl=3600 children=100 %LOGIN /usr/lib/squid/ > wbinfo_group.pl > > > acl porno url_regex -i "/etc/squid/listas/porno.lst" > acl permitidos dstdomain -i "/etc/squid/listas/permitidos.lst" > acl directo url_regex -i "/etc/squid/listas/direct.lst" > acl vidyaud rep_mime_type -i "/etc/squid/listas/blockstr.lst" > acl useragent browser -i "/etc/squid/blockejec/browser.lst" > acl blockstr req_mime_type -i "/etc/squid/blockejec/blocstreaming.lst" > acl blockejec url_regex -i "/etc/squid/blockejec/blockejec.lst" > acl audyvid req_mime_type -i "/etc/squid/listas/blockstr.lst" > acl blockstr2 rep_mime_type -i "/etc/squid/blockejec/blocstreaming.lst" > acl destinolimitado dstdomain -i "/etc/squid/listas/limitado.lst" > > acl all src all > acl CONNECT method CONNECT > acl manager proto cache_object > acl webserver src 192.168.8.121/255.255.255.255 > http_access allow manager webserver > http_reply_access allow manager webserver > http_access deny manager > > http_access deny porno all > http_reply_access deny porno all > acl uservipstr external ntlm_group "/etc/squid/listas/uservipstr.lst" > > http_access deny blockejec uservipstr > > http_access allow uservipstr > http_reply_access allow uservipstr > > http_access deny blockstr !uservipstr all > http_reply_access deny blockstr !uservipstr all > http_access deny blockstr2 !uservipstr all > http_reply_access deny blockstr2 !uservipstr all > http_access deny audyvid !uservipstr all > http_access deny vidyaud !uservipstr all > http_reply_access deny audyvid !uservipstr all > http_reply_access deny vidyaud !uservipstr all > > acl SSL_ports port 443 # https > acl SSL_ports port 563 # snews > acl SSL_ports port 873 # rsync > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl Safe_ports port 631 # cups > acl Safe_ports port 873 # rsync > acl Safe_ports port 901 # SWAT > acl Safe_ports port 78 69 #Spotify > > > > # Deny requests to unknown ports > #http_access allow Safe_ports > http_access deny !Safe_ports > # Deny CONNECT to other than SSL ports > http_access deny CONNECT !SSL_ports > > acl ntlm proxy_auth REQUIRED > http_access allow ntlm > http_reply_access allow ntlm > http_access deny all > http_reply_access deny all > > ########### > > thank you all > > -- > Jonathan Filogna > It Senior > Tasso SRL > 4702 1910 > -- Jonathan Filogna It Senior Tasso SRL 4702 1910
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users