[squid-users] setup squid for two type of users

From: Julio Misael Gutierrez <[email protected]>
Date: Thu, 17 Feb 2005 11:28:59 -0600

I have two type of user in my network:
navegacion, for browse all internet
navegainterna, for browse only my 2 sites
but my second group of users can not browse any site
How Can I setup for get it?

my current configuration in squid.conf is:

http_port 0.0.0.0:3128
ssl_unclean_shutdown off
icp_port 0
udp_incoming_address 0.0.0.0
udp_outgoing_address 255.255.255.255
icp_query_timeout 0
maximum_icp_query_timeout 2000
mcast_icp_query_timeout 2000
dead_peer_timeout 10 seconds
hierarchy_stoplist cgi-bin
hierarchy_stoplist ?
no_cache Deny QUERY
cache_mem 134217728 bytes
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4194304 bytes
minimum_object_size 0 bytes
maximum_object_size_in_memory 8192 bytes
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_dir diskd /var/spool/squid 2000 16 256 Q1=64 Q2=72
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
emulate_httpd_log off
log_ip_on_direct on
mime_table /etc/squid/mime.conf
log_mime_hdrs off
pid_filename /var/run/squid.pid
debug_options ALL,1
log_fqdn off
client_netmask 255.255.255.255
ftp_user Squid@
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on
dns_retransmit_interval 5 seconds
dns_timeout 300 seconds
hosts_file /etc/hosts
diskd_program /usr/lib/squid/diskd
unlinkd_program /usr/lib/squid/unlinkd
redirect_program /usr/bin/squidGuard
redirect_program -c
redirect_program /etc/squid/squidguard.conf
redirect_children 5
redirect_rewrites_host_header on
authenticate_cache_garbage_interval 3600 seconds
authenticate_ttl 3600 seconds
authenticate_ip_ttl 0 seconds
wais_relay_port 0
request_header_max_size 10240 bytes
 quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
negative_ttl 300 seconds
positive_dns_ttl 21600 seconds
negative_dns_ttl 300 seconds
range_offset_limit 0 bytes
connect_timeout 120 seconds
peer_connect_timeout 30 seconds
read_timeout 900 seconds
request_timeout 300 seconds
persistent_request_timeout 60 seconds
client_lifetime 86400 seconds
half_closed_clients on
pconn_timeout 120 seconds
ident_timeout 10 seconds
shutdown_lifetime 30 secondsrequest_body_max_size 0 bytes
acl QUERY urlpath_regex cgi-bin
acl QUERY urlpath_regex \?
acl localnet src 192.168.1.0/255.255.255.0
acl localhost src 127.0.0.1
acl safe_ports port 80
acl safe_ports port 1025-65535
acl safe_ports port 443
acl safe_ports port 210
acl safe_ports port 70
acl safe_ports port 21
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl navegainterna src 192.168.1.10-192.168.1.150
acl navegacion src 192.168.1.200-192.168.1.227
acl mtps dstdomain mycompany1.com mycompany2.net http_access Allow manager
localnet
http_access Allow localhost
http_access Deny !safe_ports
http_access Allow navegainterna mtps
http_access Allow navegacion
http_access Deny CONNECT
http_access Deny all
http_reply_access Allow all
icp_access Deny all
ident_lookup_access Deny all
reply_body_max_size 0 Allow all
cache_mgr hsumner@mtps.gob.sv
cache_effective_user squid
cache_effective_group squid
visible_hostname proxy.mtps.net
announce_period 31536000 seconds
announce_host tracker.ircache.net
announce_port 3131
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_with_proxy off
httpd_accel_uses_host_header off
dns_testnames netscape.com
dns_testnames internic.net
dns_testnames nlanr.net
dns_testnames microsoft.com
logfile_rotate 0
tcp_recv_bufsize 0 bytes
err_html_text
memory_pools on
memory_pools_limit 0 bytes
forwarded_for on
log_icp_queries off
icp_hit_stale off
minimum_direct_hops 4
minimum_direct_rtt 400
cachemgr_passwd XXXXXXXXXX all
store_avg_object_size 13 KB
store_objects_per_bucket 20
client_db on
netdb_low 900
netdb_high 1000
netdb_ping_period 300 seconds
query_icmp off
test_reachability off
buffered_logs on
reload_into_ims off
icon_directory /usr/share/squid/icons
error_directory /usr/share/squid/errors/Spanish
minimum_retry_timeout 5 seconds
maximum_single_addr_tries 3
snmp_port 0
snmp_access Deny all
snmp_incoming_address 0.0.0.0
snmp_outgoing_address 255.255.255.255
as_whois_server whois.ra.net
wccp_router 0.0.0.0
wccp_version 4
wccp_incoming_address 0.0.0.0
wccp_outgoing_address 255.255.255.255
delay_pools 0
delay_initial_bucket_level 50
incoming_icp_average 6
incoming_http_average 4
incoming_dns_average 4
min_icp_poll_cnt 8
min_dns_poll_cnt 8
min_http_poll_cnt 8
max_open_disk_fds 0
offline_mode off
uri_whitespace strip
nonhierarchical_direct on
prefer_direct off
strip_query_terms on
coredump_dir none
redirector_bypass off
ignore_unknown_nameservers on
client_persistent_connections on
server_persistent_connections on
pipeline_prefetch off
request_entities off
high_response_time_warning 0
high_page_fault_warning 0
high_memory_warning 0 bytes
store_dir_select_algorithm least-load
ie_refresh off
vary_ignore_expire off
sleep_after_fork 0
Received on Thu Feb 17 2005 - 10:33:16 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST