Re: [squid-users] tcp_outgoing_address + Authentication

From: Chris Robertson <[email protected]>
Date: Mon, 22 May 2006 12:56:42 -0800

Shadi Almosri wrote:

>Hiya All,
>
> I have managed to get squid up and running and authenticating users
>that attempt to access it. Now my problem is this. I have 5 IP addresses,
>depending on which IP address the users use I ned the tcp_outgoing_address
>to be different. Here are the settings so far (might give you a better
>idea):
>
>acl 19_93_97_250 proxy_auth REQUIRED
>acl 19_93_97_251 proxy_auth REQUIRED
>acl 19_93_97_252 proxy_auth REQUIRED
>acl 19_93_97_253 proxy_auth REQUIRED
>acl 19_93_97_254 proxy_auth REQUIRED
>
>http_access allow 19_93_97_250
>http_access allow 19_93_97_251
>http_access allow 19_93_97_252
>http_access allow 19_93_97_253
>http_access allow 19_93_97_254
>http_access deny all
>
>tcp_outgoing_address 19.93.97.250 19_93_97_250
>tcp_outgoing_address 19.93.97.251 19_93_97_251
>tcp_outgoing_address 19.93.97.252 19_93_97_252
>tcp_outgoing_address 19.93.97.253 19_93_97_253
>tcp_outgoing_address 19.93.97.254 19_93_97_254
>
>All requests still seem to be going through the first ip unfortunately.
>
>Now the second dilemma I will also face is I would need only specific
>authenticated users to be able to use each IP, for example user_1 is
>authenticated but should only be able to access the proxy on IP 19.93.97.252
>and none of the others. Any clues on how to get this going would be
>appreciated!
>
>Regards
>Shadi
>
>
>
If I'm reading this correctly, you have five IP addresses that clients
might use to access the cache, correct? If that's the case, look in to
the myip acl for part of this puzzle. If this is wrong, ignore the rest
of this message. Use the following as a guide...

acl 19_93_97_250 myip 19.93.97.250/32 # ACL defining the incoming IP
acl 250_users proxy_auth jim bob joe # Users allowed on this IP
http_access allow 19_93_97_250 250_users # Putting the two together
http_access deny 19_93_97_250 # deny all other access to this IP
tcp_outgoing_address 19.93.97.250 19_93_97_250 # Traffic that comes in
on this IP, goes out on this IP

Chris
Received on Mon May 22 2006 - 14:57:04 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT