[squid-users] Allowing sites without proxy_auth?

From: Anthony <[email protected]>
Date: Fri, 27 Aug 2004 09:16:24 +1000

Hello, I am only new to squid, and am looking to implement an extra
"feature" in my workplace.

At the moment, we are using proxy_auth to force all users' to type their
username and password before accessing any website.

What I wish to do is to allow certain sites access without the need for a
username/password. For example http://windowsupdate.microsoft.com

I am aware I need to use ACL's, but am not sure what, or where, I need to
put them in.
Below is what I have in my squid.conf file for the ACL config.

######## START squid.conf CODE ##########
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl allowed_hosts src 172.29.73.0/255.255.255.192
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl ncsa_users proxy_auth REQUIRED

http_access allow ncsa_users
http_access deny manager all
http_access allow allowed_hosts
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
######## END squid.conf CODE ##########

Any help would be much appreciated!!

Kind regards,

Anthony.
Received on Thu Aug 26 2004 - 17:16:41 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:02 MDT