Mark Engels wrote: > Hello all, > > Im hopeing this is the place to come when seeking some assistance with a > squid proxy configuration issue thats giving myself a little grief, and i > certainly hope nothing like this has been asked before. > > The general idea of what im trying to accomplish is to have a end user enter > their username and password credentials as they normaly would do, (there is > quota enforcement and site blocking higher up that i have limited control > over) and have it so that when a user say goes to www.educationalmaterial.com > the local squid proxy users a pre defined username and password to access the > material thus not charging the user quota download costs for accessing the > material. > > The proxy server was supplied to us from head office with pre configured > rules to work as a local cache. I hope to leave all the existing rules in > place. also all our internet service must filter through this 1 provided > proxy, we cannot source external internet or alternet proxies.. > > A portion of the configuration file is as below. > > ##### > > cache_peer proxy.site.com parent 8080 3130 no-query default login=PASS > auth_param digest children 5 > auth_param digest realm Squid proxy-caching web server > auth_param digest nonce_garbage_interval 5 minutes > auth_param digest nonce_max_duration 30 minutes > auth_param digest nonce_max_count 50 > auth_param basic children 5 > auth_param basic realm Squid proxy-caching web server > auth_param basic credentialsttl 2 hours > auth_param basic casesensitive off > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > acl to_localhost dst 127.0.0.0/8 > acl SSL_ports port 443 563 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 563 # https, snews > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl CONNECT method CONNECT > http_access allow manager localhost > http_access deny manager > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > acl block url_regex -i "d:/squid/var/logs/block.conf" > acl unblock url_regex -i "d:/squid/var/logs/unblock.conf" > acl nocache url_regex -i "d:/squid/var/logs/nocache.conf" > no_cache deny nocache > http_access deny block !unblock > http_access allow all > http_access deny all > http_reply_access allow all > > > ##### > i thought it would be a simple thing to make the required changes and started > to aproach with adding the following > ##### > > cache_peer proxy.site.com parent 8080 3130 no-query login="free > user":pa$$word name=free > cache_peer_access free allow free_sites > cache_peer_access free deny all > acl free_sites url_regex -i "d:/squid/var/logs/freesites.conf" > > ##### > > unfortunately this seemed to break the local cache and im not too sure where > ive gone wrong. any help in this or even an alternate solution would be > greatly apreciated. >
You have the right idea. Thats how its done. But whitespace is not permitted in the parameter. What you have there is no password with username "free . > note: changed proxy name and user credentials for privacy reasons, and > running squid 2.5 on local and upstream server. > Please see my sig... :) Your HQ provider may need to be made aware that there is no longer any official support for 2.5. The oldest fully supported version is now 2.7. Amos -- Please be using Current Stable Squid 2.7.STABLE7 or 3.0.STABLE24 Current Beta Squid 3.1.0.16 Thankyou for your help amos :) unfortunately i doubt HQ will even consider changing this system under the current management as it effects tens of thousands of users... education ;-) perhaps you might be able to help again, all of our users must have a space in their account name. it is mandatory in account creation. would there be a way arround this? (perhaps %20 like in html?) i hope the solution isnt in the 3.0 version of squid or that a work arround for 2.5 might be available?
