Re: [squid-users] can not access sites due to acl when using ntlm auth

From: <Jim_Brouse/[email protected]>
Date: Wed, 18 Aug 2004 15:19:20 -0700

I read chapter 10 and also looked in Squid the Definitive Guide and I can
not find any thing in those references that would make me want to change my
acls. Would it make sends that I need this many acls depending upon my
needs correct?

Jim Brouse
Internet Administrator
Information Technology Department
Pascua Yaqui Tribe of Arizona
Phone: 520-879-5813
E-mail: jbrouse@pascuayaqui-nsn.gov

                                                                                                                                              
                    Henrik
                    Nordstrom To: Jim_Brouse/PYT@PASCUAYAQUITRIBE.ORG
                    <hno@squid-cac cc:
                    he.org> Subject: Re: [squid-users] can not access sites due to acl when using ntlm auth
                                                                                                                                              
                    08/18/2004
                    11:23 AM
                                                                                                                                              
                                                                                                                                              

On Wed, 18 Aug 2004 Jim_Brouse/PYT@PASCUAYAQUITRIBE.ORG wrote:

> egrep -v '^$|^#' /etc/squid/squid.conf |grep http_access
> http_access allow manager localhost
> http_access deny manager
> http_access allow KIOSK.dstdomain
> http_access allow KIOSK
> http_access deny KIOSK
> http_access allow MYAIRMAIL
> http_access allow PAGING
> http_access deny PAGING
> http_access deny BLOCK.NOT.YAHOO
> http_access allow YAHOOMESSENGER
> http_access deny YAHOOMESSENGER
> http_access deny BLOCK.NOT.AOL
> http_access allow AOL
> http_access deny AOL
> http_access deny lab.src lab.dstdomain
> http_access allow lab.src
> http_access deny lab.src
> http_access allow LOG-ONLY-HOSTS
> http_access deny NO.NONBLOCK NONBLOCK
> http_access allow NONBLOCK
> http_access allow NONPORN
> http_access deny BLOCK
> http_access deny MIMEBLOCK
> http_access deny RESTRICTED-BROWSER
> http_access deny RESTRICTED-DOM
> http_access allow manager ADMIN-HOSTS
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access deny to_localhost
> http_access deny all

I think you need to clean this up somewhat to get it under control. Spend
some time reading the introduction in Squid FAQ chapter 10 Access
Controls.

And please keep discusion on the mailinglist thanks.

Regards
Henrik
Received on Wed Aug 18 2004 - 16:19:23 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:02 MDT