Hi all, it's me again, just a simple question I've configured an squid 2.7 with ntlm auth and i want to let some AD users to listen spotify
My problem is that spotify streaming is being blocked by squid to this group and idk why. Maybe another syntax problem? here's my squid.conf ###########################SQUID.CONF visible_hostname prana auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm keep_alive on external_acl_type ntlm_group ttl=3600 children=100 %LOGIN /usr/lib/squid/ wbinfo_group.pl acl porno url_regex -i "/etc/squid/listas/porno.lst" acl permitidos dstdomain -i "/etc/squid/listas/permitidos.lst" acl directo url_regex -i "/etc/squid/listas/direct.lst" acl vidyaud rep_mime_type -i "/etc/squid/listas/blockstr.lst" acl useragent browser -i "/etc/squid/blockejec/browser.lst" acl blockstr req_mime_type -i "/etc/squid/blockejec/blocstreaming.lst" acl blockejec url_regex -i "/etc/squid/blockejec/blockejec.lst" acl audyvid req_mime_type -i "/etc/squid/listas/blockstr.lst" acl blockstr2 rep_mime_type -i "/etc/squid/blockejec/blocstreaming.lst" acl destinolimitado dstdomain -i "/etc/squid/listas/limitado.lst" acl all src all acl CONNECT method CONNECT acl manager proto cache_object acl webserver src 192.168.8.121/255.255.255.255 http_access allow manager webserver http_reply_access allow manager webserver http_access deny manager http_access deny porno all http_reply_access deny porno all acl uservipstr external ntlm_group "/etc/squid/listas/uservipstr.lst" http_access deny blockejec uservipstr http_access allow uservipstr http_reply_access allow uservipstr http_access deny blockstr !uservipstr all http_reply_access deny blockstr !uservipstr all http_access deny blockstr2 !uservipstr all http_reply_access deny blockstr2 !uservipstr all http_access deny audyvid !uservipstr all http_access deny vidyaud !uservipstr all http_reply_access deny audyvid !uservipstr all http_reply_access deny vidyaud !uservipstr all acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl Safe_ports port 78 69 #Spotify # Deny requests to unknown ports #http_access allow Safe_ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports acl ntlm proxy_auth REQUIRED http_access allow ntlm http_reply_access allow ntlm http_access deny all http_reply_access deny all ########### thank you all -- Jonathan Filogna It Senior Tasso SRL 4702 1910
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
