Mailinglist Archive: opensuse-security (396 mails)
| < Previous | Next > |
Re: [suse-security] problem with SQUID
- From: "Bernhard Held" <bheld@xxxxxxx>
- Date: Thu, 16 Jan 2003 14:43:58 +0100
- Message-id: <00c601c2bd65$522331e0$e7061bac@xxxxxxx>
> I use suse 7.3
> Internal network connect to internet by setting port
> 3128 in IE but when i set in squid.conf for
> authenticate_program that get windows login for users,
> IE don't get any windows and Internal network
> (clients) connect to internet normally without login
> I set these options in squid.conf:
>
> authenticate_program /usr/sbin/pam_auth
> acl password proxy_auth payam
> acl users src 192.168.1.0/255.255.252.0
> http_access allow users
> http_access allow password
I'm not sure, if I fully understood your problem, but I guess you want proxy
authentication for your clients in the internal network:
> acl users src 192.168.1.0/255.255.252.0
> http_access allow users
These 2 lines grants all your users form the given network access to squid.
They don't need to authenticate.
> authenticate_program /usr/sbin/pam_auth
> acl password proxy_auth payam
> http_access allow password
The user payam can authenticate by pam_auth.
Very important is to append the last line:
http_access deny all
Bernhard
> Internal network connect to internet by setting port
> 3128 in IE but when i set in squid.conf for
> authenticate_program that get windows login for users,
> IE don't get any windows and Internal network
> (clients) connect to internet normally without login
> I set these options in squid.conf:
>
> authenticate_program /usr/sbin/pam_auth
> acl password proxy_auth payam
> acl users src 192.168.1.0/255.255.252.0
> http_access allow users
> http_access allow password
I'm not sure, if I fully understood your problem, but I guess you want proxy
authentication for your clients in the internal network:
> acl users src 192.168.1.0/255.255.252.0
> http_access allow users
These 2 lines grants all your users form the given network access to squid.
They don't need to authenticate.
> authenticate_program /usr/sbin/pam_auth
> acl password proxy_auth payam
> http_access allow password
The user payam can authenticate by pam_auth.
Very important is to append the last line:
http_access deny all
Bernhard
| < Previous | Next > |