I'm running Squid 2.5 Stable4 on Linux Mandrake 8.2 Squid_auth_ldap helper to authenticate users coming into our network through our gateway
I have to authenticate users that come from our gateway only (others don't need to autheticate) And I have to set different Internet access level for these users. Squid can see only one IP for these users: the gateway IP So I set up 3 users groups (auth_burkina,auth_zongo, auth_libre) and 3 different access level (d_delmas,d_zongo,d_libre) Here is my squid.conf #==================================================== #acl for users who don't need to authenticate #everything is ok and work fine acl D_LIBRE dst all acl D_DELMAS dstdomain .google.com ... ... #==================================================== #rules for users who need to authenticate #our gateway acl PASSERELLE src 172.16.0.14 #groups acl AUTH_BURKINA proxy_auth burkina REQUIRED acl AUTH_ZONGO proxy_auth zongo REQUIRED acl AUTH_LIBRE proxy_auth ballion REQUIRED #destination acl D_ZONGO dstdomain .voila.fr #rules http_access allow PASSERELLE AUTH_BURKINA D_DELMAS http_access allow PASSERELLE AUTH_ZONGO D_ZONGO http_access allow PASSERELLE AUTH_LIBRE D_LIBRE #===================================================== My problem is : after my users authenticate successfully, auth_burkina should only access to d_delmas but they access also to d_zongo and d_libre. auth_zongo should only access to d_delmas and d_zongo but they access alos to d_libre. How can I make auth_burkina group access only to d_delmas auth_zongo access only to d_delmas and d_zongo auth_libre access only to d_libre? What am I doing wrong? Please help Thanks and regards Yannick Masse
