[squid-users] cache_peer selection based on username

roee klinger roeeklinger60 at gmail.com
Sun Jan 10 19:06:40 UTC 2021 

Thanks, Eliezer, I was able to get it working.
Here is an example in case anybody runs into this in the future:

acl mynote1 note mykey note1
acl mynote2 note mykey note2

external_acl_type user_whitelist_external children-max=20 ttl=300 %>lp %>a
script.sh
acl whitelisted_users external user_whitelist_external
http_access allow whitelisted_users

nonhierarchical_direct off
never_direct allow all
cache_peer 192.168.8.1 parent 101 0 proxy-only default name=proxy1
cache_peer_access proxy1 allow mynote1
cache_peer_access proxy0.2 deny all
cache_peer 192.168.8.2 parent 102 0 proxy-only default name=proxy2
cache_peer_access proxy2 allow mynote2
cache_peer_access proxy0.3 deny all


Then, on the external helper, I return one of these two:

OK mykey=note1
OK mykey=note2


On Sun, Jan 10, 2021 at 5:36 PM Eliezer Croitoru <ngtech1ltd at gmail.com>
wrote:

> You should use a note acl for that.
>
> When you return the whitelisted client you should add a note which can be
> 1-100 or any other static string.
>
>
>
> It works just out of the box.
>
>
>
> ----
>
> Eliezer Croitoru
>
> Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1ltd at gmail.com
>
> Zoom: Coming soon
>
>
>
>
>
> *From:* squid-users <squid-users-bounces at lists.squid-cache.org> *On
> Behalf Of *roee klinger
> *Sent:* Sunday, January 10, 2021 5:33 PM
> *To:* squid-users at lists.squid-cache.org
> *Subject:* [squid-users] cache_peer selection based on username
>
>
>
> Hey,
>
>
>
> I am trying to figure out the best way to select cache peers based on the
> client username, I have read extensively but I cannot figure out the best
> way to do it.
>
>
>
> so far I have:
>
> external_acl_type user_whitelist_external children-max=20 ttl=300 %>lp %>a
> script.sh
>
> acl whitelisted_users external user_whitelist_external
>
> http_access allow whitelisted_users
>
>
>
> and:
>
> nonhierarchical_direct off
>
> never_direct allow all
>
> cache_peer 192.168.8.1 parent 101 0 proxy-only default name=proxy1
>
> cache_peer_access proxy1 allow whitelisted_users
>
> cache_peer_access proxy0.2 deny all
>
> cache_peer 192.168.8.2 parent 102 0 proxy-only default name=proxy2
>
> cache_peer_access proxy2 allow whitelisted_users
>
> cache_peer_access proxy0.3 deny all
>
>
>
> ideally, script.sh checks if the request is authinticated and if it is, it
> selects the cache peer to use, is there some kind of way to achieve this
> with "Defined keywords" to select which cache peer to use or am I looking
> at this the wrong way?
>
>
>
> What would be the best way to accomplish this?
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20210110/58dbed5a/attachment.htm>

More information about the squid-users mailing list