如何解决如果不允许 IP,则需要 Squid Auth
我运行 Squid 代理。我想设置ACL规则,如果不允许IP地址,则要求进行身份验证。
我有以下配置:
# Default ACL rules:
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#################################
# Custom ACL IP/Domain/Keyword/Fileextension rules
acl allow_ips src "/etc/squid/acl/allowed_ips.txt" #this is the list of allowed IP adresses. All custom IPs put into the list insteadof putting it here.
acl block_domains dstdomain "/etc/squid/acl/blocked-domains.conf" #this block provided domains
acl block_url_keywords url_regex -i "/etc/squid/acl/blocked-url-keywords.conf"
acl block_file_extensions urlpath_regex -i "/etc/squid/acl/blocked-file-extensions.conf"
#################################
# Recommended minimum Access Permission configuration:
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access deny to_localhost
http_access allow localhost
#################################
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
http_access allow allow_ips !block_domains !block_url_keywords !block_file_extensions
#why I get prompted even if the previous rule has been fullfiled and auth_users is onl for not allowed IPs?
http_access allow auth_users !allow_ips !block_domains !block_url_keywords !block_file_extensions
#################################
# And finally deny all other access to this proxy
http_access deny all
但即使我的 IP 地址被允许,它仍然要求我进行身份验证。
为什么即使前面的规则已经满足,而且 auth_users 只针对不允许的 IP,我还是会收到提示?
有什么办法可以说明连接来自允许的 IP,然后不要求认证?
谢谢!
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。