[squid-users] delay-pool based on authentication
Amos Jeffries
squid3 at treenet.co.nz
Thu Mar 29 03:20:17 UTC 2018
On 29/03/18 07:31, vvv25 wrote:
>
>> On 27/03/18 02:51, vvv25 wrote:
>>> Thank you for your time Amos,
>>>
>>> the thing is, I want to have the connection to be restricted by default.
>>> May be I don't understand how to define acl's in the right order.
>>> Or I cannot figure out how to separate authenticated users from not
>>> authenticated.
>>
>> You misunderstand. All pools which can match a transaction affect it. To
>> setup this "no restriction" for your certain clients you need to exclude
>> them from the restricted pools.
> Oh, I see. Thank you for clarification.
>
>> Setting them to have one restricted and one un-restricted does not help
>> - they will just get the minimum available bandwidth of the two.
>
> Yes, How then can I achieve following:
> * limited access for non authenticated users (without credentials)
> * unlimited access for those who have credentials ?
Yes, using the config pattern I gave in my first post to this thread.
Just replace the exclusion 'deny' with 'allow'.
"
Use:
delay_access 2 allow !users all
"
>
> Is it possible with one instance of squid or do I have to configure 2
> instances
> one with authentication on and
> one with authentication off?
>
Of course.
> Or are there other ways to try?
>
There are other ways as well. The most efficient is note ACLs which I
also mentioned in my first post.
Amos
More information about the squid-users
mailing list