On 2/14/19 4:34 AM, jetraw wrote: > Hello guys, i want to make configuration where i'm going user 2 different > ports for different type connection
> acl network src 10.20.20.0/24 #just sample of network > acl auth proxy_autx REQUIRED > > acl connectport myportname 3128 > acl authporth myportname 3130 > > http_access allow auth !connectport > http_access allow network !authporth > > and if my first line is "http_access allow auth" i have REQUIRED window on > the all PCs without AD, if i set first line "http_access allow network", all > of my domain PCs go to the internet via acl network > > can i use one squid port to auth, and secon to ip connection in the same > network? Yes, you can. Put your port-filtering ACLs first so that Squid does not evaluate the authentication ACL when it does not have to. Evaluation of an authentication ACL leads to authentication. Here is a sketch: # For authporth, allow authenticated traffic only. http_access allow authporth auth http_access deny authporth # If you only have two ports, then you know you are dealing with # the second port here, so there is no need for explicit connectport. http_access allow network http_access deny all Needless to say, you need more http_access rules to block various bad requests. See squid.conf.default for details. Alex. _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
