[squid-users] Squid bind each outgoing ip to a user?
jyliu
liujy0208 at gmail.com
Sun Apr 7 04:45:57 UTC 2019
I am trying to use squid and bind 2 outgoing ips separately to 2 users.
The ideal results will be, I can access the following:
xxx.xxx.xxx.14:3128:user1:user1password
xxx.xxx.xxx.18:3128:user2:user2password
But not:
xxx.xxx.xxx.14:3128:user2:user2password
xxx.xxx.xxx.18:3128:user1:user1password
I find a similar question on stackoverflow and thus use a similar
squid.conf:
acl http proto http
acl port_80 port 80
acl port_443 port 443
acl CONNECT method CONNECT
auth_param basic program /usr/lib64/squid/basic_ncsa_auth
/etc/squid/passwords
acl ncsa_users proxy_auth REQUIRED
external_acl_type userIp %SRC %LOGIN /usr/lib64/squid/ext_file_userip_acl -f
/etc/squid/userIp.conf
acl userIp external userIp
http_access deny !ncsa_users
http_access allow userIp
http_access deny all
http_port 3128
acl ip1 myip xxx.xxx.xxx.14
tcp_outgoing_address xxx.xxx.xxx.14 ip1
acl ip2 myip xxx.xxx.xxx.18
tcp_outgoing_address xxx.xxx.xxx.18 ip2
And in my userIp.conf I have:
xxx.xxx.xxx.14 user1
xxx.xxx.xxx.18 user2
And in my /etc/squid/passwords I have the following created by htpasswd:
user1:encrypted password
user2:encrypted password
The problem is: if I delete* 'http_access deny !ncsa_users'*, then user1 can
access both xxx.xxx.xxx.14 and xxx.xxx.xxx.18. Same with user2.
But if I keep* 'http_access deny !ncsa_users'* as it is, then all connection
fails.
I feel *'http_access allow userIp'* doesn't work as it intends to.
I can't search a similar problem on web... Hope anyone could help me
--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
More information about the squid-users
mailing list