?
Solved

Squish: Users over their quota are not denied

Posted on 2009-07-06
1
Medium Priority
?
994 Views
Last Modified: 2013-11-08
Hello,

I am trying to use Squish with Squid and NCSA authentication. Squish is not denying users that are over quota. I think it might me the order of the ACLs in my squid.conf file.

Thank you for your help!
#Recommended minimum configuration:
#	
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access allow CONNECT !SSL_ports
# 
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#               
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
 
 
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users
 
### added by squish (begin)
# acl's for squish - autodetected, sometimes
acl SQUISHLOC dst server.net
acl SQUISHED1 proxy_auth -i "/etc/squid/squished"
acl password proxy_auth REQUIRED
acl SQUISHED2 ident    "/etc/squid/squished"
acl SQUISHED3 src        "/etc/squid/squished"
 
# Error info that says you're squished
deny_info http://server.net/?squished& SQUISHED1
deny_info http://server.net/squish/?squished& SQUISHED2
deny_info http://server.net/squish/?squished& SQUISHED3
 
# HTTP access controls for squish
http_access allow SQUISHLOC
http_access allow password !SQUISHED1
http_access deny SQUISHED1
http_access deny SQUISHED2
http_access deny SQUISHED3
### added by squish (end)
 
# Example rule allowing access from your local networks. Adapt   
# to list your (internal) IP networks from where browsing should
# be allowed
 
 
# And finally deny all other access to this proxy
http_access allow localhost
http_access deny all

Open in new window

0
Comment
Question by:drew17
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 

Accepted Solution

by:
drew17 earned 0 total points
ID: 24788103
I figure it out. I need to remove or comment out line 20:

http_access allow ncsa_users

to

#http_access allow ncsa_users
0

Featured Post

Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation. From the Ubuntu vi…
In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses
Course of the Month10 days, 8 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question