[squid-users] bypass localnet

From: Norman Zhang <[email protected]>
Date: Fri, 8 Aug 2003 14:54:43 -0700

Hi,

I have proxy setup to authenticate users via NTLM for internet access. I
can't seem to able to allow local users to bypass authentication for
localsubnets http access. May I asked what ACL I need to set?

Regards,
Norman

external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group

acl ProxyUsers external NT_global_group ProxyUsers
acl authusrs proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl localnet src 192.168.x.0/26 192.168.y.0/25

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# http_access allow localnet
http_access allow authusrs ProxyUsers
# http_access allow authusrs localnet
http_access allow localhost
http_access deny all
Received on Fri Aug 08 2003 - 16:08:34 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:47 MST