Re: [squid-users] java applets proxy_auth problem

From: Xavier <[email protected]>
Date: Wed, 13 Apr 2005 15:00:10 +0200

> What is the first "password" rule for? Looks malplaced to me, but I don't
> know the details of your acls...

in fact , I use ACL "acl xpoirier src 1.x.x.x/255.255.255.255" to use specifics
sizes traffic "reply_body_max_size 0 allow xpoirier"
For somes users...

in order I have :

                   ****************************

acl snmppublic snmp_community public
acl password proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl java_jvm browser Java/1.4
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl xpoirier src 1.x.x.x/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
#acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT

http_access allow java_jvm
http_access allow manager
http_access allow password
http_access allow xpoirier
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all

                             ********************

If I try to put :
"http_access allow java_jvm password" so I (xpoirier) can go throught proxy
without ident.
If I comment the line : "http_access allow xpoirier" so squid gives me an access
time forbidden error !!!
what's wrong, not easy ...

Xavier
Received on Wed Apr 13 2005 - 07:00:32 MDT

This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:03 MDT