Hi, Thanks for the links. So I tried what you suggested and for testing, I was using this simple config:-
http_port 8080 auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords auth_param basic realm proxy external_acl_type checkclient children-max=20 %MYADDR %LOGIN /usr/local/squidauth.py acl authenticated external checkclient http_access allow authenticated cache deny all forwarded_for delete request_header_access Via deny all I made sure that the squidauth.py file was executable and when debugging, I found that the helper processes were running. But nothing was getting passed to the helper processes. In the python code, I was running a loop which reads lines from the stdin and parses them and writes output to the stdout. I checked and it wasn't getting anything from stdin. (I added a line which reads the input line from stdin and sends it to another server through a http request to make sure if it was getting anything from stdin at all) But, when I tried to use the proxy(and of course I was using a username and password that was stored in /etc/squid/passwords), I kept getting the error that authentication required, i.e. the server was sending back the header Proxy-Authenticate: Basic realm="proxy". I am not sure what I am doing wrong here. With regards, Sonya Roy On Tue, Jun 20, 2017 at 2:49 AM, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 20/06/17 09:15, Amos Jeffries wrote: > >> On 20/06/17 03:20, Sonya Roy wrote: >> >>> Since you are saying the IP that can be passed to the helpers is >>> configurable, how would I pass the local IP of the server that the >>> client connected to? >>> >>> I checked out the helpers you mentioned, there they check which IP the >>> connection is coming from. Not the local IP of the server that the >>> client is connected to and they are using %SRC for that. >>> >> >> The external ACL helpers don't know one IP from any other. They simply >> check what is given to them against some form of username+ip mapping. >> >> > [ with the correct links ] > >> >> In Squid-3.5 that would be %MYADDR >> <http://www.squid-cache.org/Versions/v3/3.5/cfgman/external_acl_type.html >> >. >> >> In Squid-4+ it would be %>la >> <http://www.squid-cache.org/Versions/v3/3.5/cfgman/logformat.html> >> >> > Amos > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
