no-spam@people.net.au
2007-Apr-04 23:45 UTC
[Samba] Use of cache_peer login=username:password
I'm running squid 2.6.11 on FreeBSD with a parent cache that requires authentication in order to access any web sites. It's been suggested to us by the department that runs the upstream cache that we can make some sites accessible without the client having to authenticate by getting our local squid to supply the username & password to the upstream cache for those sites. It users the cache_peer login= syntax. Unfortunately, the configuration they sent me doesn't work - I get the following error:"FATAL: ERROR: cache_peer xxx.xxx.xxx.xxx specified twice". Here is the relavent section of squid.conf (IP address, username & password have been removed!) #Define acl for all source addresses acl rest src 0.0.0.0/0.0.0.0 # #Define acl for proxy bypass addresses (squid does authentication for these) acl safe dstdomain "/usr/local/etc/squid/safe.conf" #Supply username & password for sites defined in safe.conf cache_peer xxx.xxx.xxx.xxx parent 8080 3130 default no-query login=username:password cache_peer_access xxx.xxx.xxx.xxx allow safe cache_peer_access xxx.xxx.xxx.xxx deny rest #Require authentication for all other sites cache_peer xxx.xxx.xxx.xxx parent 8080 3130 default no-query login=PASS cache_peer_access xxx.xxx.xxx.xxx deny safe cache_peer_access xxx.xxx.xxx.xxx allow rest Can anyone suggest a way to implement this that gets around the duplicate cache_peer problem? Cheers, Ian
no-spam@people.net.au
2007-Apr-05 04:08 UTC
[Samba] Re: Use of cache_peer login=username:password
Oops, sorry, wrong mailing list! Ian On Thu Apr 5 9:08 , "no-spam@people.net.au" sent:>I'm running squid 2.6.11 on FreeBSD with a parent cache that requires >authentication in order to access any web sites. >It's been suggested to us by the department that runs the upstream cache that we >can make some sites accessible without the client having to authenticate by >getting our local squid to supply the username & password to the upstream cache >for those sites. >It users the cache_peer login= syntax. >Unfortunately, the configuration they sent me doesn't work - I get the following >error:"FATAL: ERROR: cache_peer xxx.xxx.xxx.xxx specified twice". > >Here is the relavent section of squid.conf (IP address, username & password have >been removed!) > >#Define acl for all source addresses >acl rest src 0.0.0.0/0.0.0.0 ># >#Define acl for proxy bypass addresses (squid does authentication for these) >acl safe dstdomain "/usr/local/etc/squid/safe.conf" >#Supply username & password for sites defined in safe.conf >cache_peer xxx.xxx.xxx.xxx parent 8080 3130 default no-query login=username:password >cache_peer_access xxx.xxx.xxx.xxx allow safe >cache_peer_access xxx.xxx.xxx.xxx deny rest >#Require authentication for all other sites >cache_peer xxx.xxx.xxx.xxx parent 8080 3130 default no-query login=PASS >cache_peer_access xxx.xxx.xxx.xxx deny safe >cache_peer_access xxx.xxx.xxx.xxx allow rest > >Can anyone suggest a way to implement this that gets around the duplicate >cache_peer problem? > >Cheers, >Ian > > > >