Changes between Version 7 and Version 8 of TipAndDoc/network/proxy/squid


Ignore:
Timestamp:
Dec 31, 2012 8:13:09 PM (11 years ago)
Author:
mitty
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • TipAndDoc/network/proxy/squid

    v7 v8  
    138138configure options:  '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' '--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3' '--mandir=/usr/share/man' '--with-cppunit-basedir=/usr' '--enable-inline' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-underscores' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM' '--enable-ntlm-auth-helpers=smb_lm,' '--enable-digest-auth-helpers=ldap,password' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group' '--enable-arp-acl' '--enable-esi' '--enable-zph-qos' '--enable-wccpv2' '--disable-translation' '--with-logdir=/var/log/squid3' '--with-pidfile=/var/run/squid3.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-linux-netfilter' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security' 'LDFLAGS=-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security' --with-squid=/build/buildd/squid3-3.1.19 
    139139}}} 
     140 
     141 = BASIC authentication = 
     142 * /etc/squid3/squid.conf 
     143{{{ 
     144auth_param basic program /usr/lib/squid3/ncsa_auth /path/to/htpasswd.file 
     145auth_param basic children 5 
     146auth_param basic realm Squid proxy-caching web server 
     147auth_param basic credentialsttl 2 hours 
     148 
     149acl localnet src 192.168.0.0/24 
     150acl external proxy_auth REQUIRED 
     151 
     152http_access allow localnet 
     153http_access allow external 
     154http_access deny all 
     155}}} 
     156  * 192.168.0.0/24からは認証無し 
     157   * {{{192.168.0.1/24}}}とすると、{{{aclIpParseIpData: WARNING: Netmask masks away part of the specified IP in '192.168.0.1/24'}}}と警告される 
     158  * それ以外からはBASIC認証 
     159 
     160 * /path/to/htpasswd.file はhtpasswdで作成(MD5可) 
     161 * {{{http_access allow external}}}より先に{{{auth_param}}}が設定されている必要がある 
     162{{{ 
     1632012/12/31 18:27:34| Processing: acl external proxy_auth REQUIRED 
     1642012/12/31 18:27:34| Can't use proxy auth because no authentication schemes are fully configured. 
     165FATAL: ERROR: Invalid ACL: acl external proxy_auth REQUIRED 
     166}}}