Re: [squid-users] Squid with ACL

From: polloxx <[email protected]>
Date: Thu, 15 Nov 2007 15:18:50 +0100

On Nov 15, 2007 11:24 AM, Amos Jeffries <squid3@treenet.co.nz> wrote:
>
> polloxx wrote:
> > Dear list,
> >
> > We have a squid proxy servers with ACL filters: Unauthenticated users
> > can only surf a restricted list of sites.
> > Users ho want to surf to all sites need to know the login+password.
> >
> > The problem is now that for many sites who are loading content from
> > other sites (eg. Yahoo) users need to click cancel several times.
> >
> > How can I solve this?
>
> You can do one of three things:
>
> - stop blocking non-auth users
>
> - stop caring about non-auth users having to click
>
> - up the negative_auth_ttl , so the auth requests form squid get reduced
> (auth user logging in in with wrong password will be blocked for this
> timeout so be wary)
>
> Squid does not cannot know who is allowed where before they auth
> properly. There is no other way than auth TTL to prevent these re-auth
> requests.
>

Thanks Amos,

There's no workaround to that? Because it's the visiting (allowed)
site that redirects the user to a (not allowed) site, mostly
advertising sites. We want a solution where must users can only visit
a limited number of sites. A number of users (BOD etc) may visit every
site. Maybe squid isn't the right thing to use? Any suggestions?

Regards,
P.
Received on Thu Nov 15 2007 - 07:18:52 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST