[squid-users] RE: Integrated authentication with IE on Windows 2003

From: Nemallikanti, Venu <[email protected]>
Date: Wed, 6 Apr 2005 15:53:10 -0400

Here is my squid.conf. I went in and checked again, no samba or Kerberos
installed.

Thanks
Venu

############## Start of squid.conf

shutdown_lifetime 5 seconds
icp_port 0

http_port 192.168.25.56:80

acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

cache_effective_user squid
cache_effective_group squid

pid_filename /var/run/squid.pid

cache_mem 2 MB
cache_dir aufs /var/log/cache 50 16 256

error_directory /usr/lib/squid/errors/English

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
useragent_log /var/log/squid/useragent.log

strip_query_terms off

log_mime_hdrs off
forwarded_for off

auth_param ntlm program /usr/lib/squid/ntlm_auth CAMELOT/AD01
CAMELOT/AD01
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

acl for_inetusers proxy_auth REQUIRED

acl within_timeframe time MTWHFAS 00:00-24:00

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 800 # Squids port (for icons)

acl IPCop_http port 81
acl IPCop_https port 445
acl IPCop_ips dst 192.168.25.56
acl IPCop_networks src
"/var/ipcop/proxy/advanced/acls/src_subnets.acl"
acl CONNECT method CONNECT

#Access to squid:
#local machine, no restriction
http_access allow localhost

#GUI admin if local machine connects
http_access allow IPCop_ips IPCop_networks IPCop_http
http_access allow CONNECT IPCop_ips IPCop_networks IPCop_https

#Deny not web services
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

#Set custom configured ACLs
http_access allow IPCop_networks for_inetusers within_timeframe
http_access deny all

maximum_object_size 4096 KB
minimum_object_size 0 KB

request_body_max_size 0 KB
reply_body_max_size 0 allow all

visible_hostname ipcoptest.castlepointmortgage.com

############## End of squid.conf
Received on Wed Apr 06 2005 - 13:53:41 MDT

This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:03 MDT