[squid-users] Skype issue

rocaembole jonathan.filogna at tasso.com.ar
Thu Jun 4 12:05:43 UTC 2015


here's my squid.conf

##NTLM
#
##DECLARED
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5
auth_param ntlm keep_alive on

external_acl_type ntlm_group ttl=f3600 children=100 %LOGIN
/usr/lib/squid3/wbinfo_group.pl

##SRC

acl administrador external ntlm_group "/etc/squid3/lists/UserSkype.lst"
##UserSkype is a group on AD with 3 users
acl all src all
acl localnet src 10.0.0.0/8
acl webserver src 10.0.0.11
acl manager proto cache_object
#acl skype 
acl localhost src 127.0.0.1/32
acl SSL_ports port 443        # https
acl SSL_ports port 563        # snews
acl SSL_ports port 873        # rsync
acl Safe_ports port 80        # http
acl Safe_ports port 21        # ftp
acl Safe_ports port 443        # https
acl Safe_ports port 70        # gopher
acl Safe_ports port 210        # wais
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280        # http-mgmt
acl Safe_ports port 488        # gss-http
acl Safe_ports port 591        # filemaker
acl Safe_ports port 777        # multiling http
acl Safe_ports port 631        # cups
acl Safe_ports port 873        # rsync
acl Safe_ports port 901        # SWAT
acl CONNECT method CONNECT
##SRC'S DECLARED
#
##skype
acl numeric_IPs dstdom_regex
^(([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)|(\[([0-9af]+)?:([0-9af:]+)?:([0-9af]+)?\])):443
acl Skype_UA browser ^skype
acl validUserAgent browser \S+
http_access deny numeric_IPS Skype_UA !validUserAgent !administrador
http_access allow numeric_IPS Skype_UA validUserAgent administrador
http_access deny numeric_IPS 
http_access deny Skype_UA
http_access deny !validUserAgent
## *MAYBE I'M HAVING A SYNTAX PROBLEM?*

http_access allow manager webserver
http_access deny manager

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports






acl ntlm proxy_auth REQUIRED
http_access deny !ntlm
http_access allow ntlm
http_access deny all

http_port 3128
dns_v4_first on
access_log /var/log/squid3/access.log squid
url_rewrite_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf
url_rewrite_children 10

----------------------------------------------------------------------------------------------------------------
Some users can use skype and the rest of them can't use it. Maybe someone
can help me with this issue? i can't find a problem. 

Thank you all



--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Skype-issue-tp4666074p4671527.html
Sent from the Squid - Users mailing list archive at Nabble.com.


More information about the squid-users mailing list