Solved

Squish: Users over their quota are not denied

Posted on 2009-07-06
1
986 Views
Last Modified: 2013-11-08
Hello,

I am trying to use Squish with Squid and NCSA authentication. Squish is not denying users that are over quota. I think it might me the order of the ACLs in my squid.conf file.

Thank you for your help!
#Recommended minimum configuration:

#	

# Only allow cachemgr access from localhost

http_access allow manager localhost

http_access deny manager

# Deny requests to unknown ports

http_access deny !Safe_ports

# Deny CONNECT to other than SSL ports

http_access allow CONNECT !SSL_ports

# 

# We strongly recommend the following be uncommented to protect innocent

# web applications running on the proxy server who think the only

# one who can access services on "localhost" is a local user

#http_access deny to_localhost

#               

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

 
 

acl ncsa_users proxy_auth REQUIRED

http_access allow ncsa_users
 

### added by squish (begin)

# acl's for squish - autodetected, sometimes

acl SQUISHLOC dst server.net

acl SQUISHED1 proxy_auth -i "/etc/squid/squished"

acl password proxy_auth REQUIRED

acl SQUISHED2 ident    "/etc/squid/squished"

acl SQUISHED3 src        "/etc/squid/squished"
 

# Error info that says you're squished

deny_info http://server.net/?squished& SQUISHED1

deny_info http://server.net/squish/?squished& SQUISHED2

deny_info http://server.net/squish/?squished& SQUISHED3
 

# HTTP access controls for squish

http_access allow SQUISHLOC

http_access allow password !SQUISHED1

http_access deny SQUISHED1

http_access deny SQUISHED2

http_access deny SQUISHED3

### added by squish (end)
 

# Example rule allowing access from your local networks. Adapt   

# to list your (internal) IP networks from where browsing should

# be allowed
 
 

# And finally deny all other access to this proxy

http_access allow localhost

http_access deny all

Open in new window

0
Comment
Question by:drew17
1 Comment
 

Accepted Solution

by:
drew17 earned 0 total points
ID: 24788103
I figure it out. I need to remove or comment out line 20:

http_access allow ncsa_users

to

#http_access allow ncsa_users
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Anti-Spam SMTP Proxy Server (@SSP) 7 81
liboauth-php x oauth-1.2.3 3 44
AWS CLI - Instances, Volumes & Tagging 2 71
Linux tcp ports listening for testing 4 44
This document is written for Red Hat Enterprise Linux AS release 4 and ORACLE 10g.  Earlier releases can be installed using this document as well however there are some additional steps for packages to be installed see Metalink. Disclaimer: I hav…
The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now