Hi,
After a little help. I have a setup here where I want to force all
users to use a cache
peer *except a few*.
I am also using NTLM auth and NT Global group checking
It seems to be partially working where the 'direct' users always go direct
but the 'peered' users
are only partialy using the peer (some requests are going direct).
Squid.conf snippet:
#***************************************************************************
********************
external_acl_type NT_global_group %LOGIN /usr/local/squid/libexec/wb_group
acl DirectProxyUsers external NT_global_group <Group1>
acl PeerProxyUsers external NT_global_group <Group2>
acl password proxy_auth REQUIRED
never_direct allow all
always_direct allow DirectProxyUsers
Http_access allow password PeerProxyUsers
Http_access allow password DirectProxyUsers
#***************************************************************************
********************
I have confirmed that the external ACL is working ok. If I remove the
always_direct line then
all requests go to the peer as expected. If I change the 'DirectProxyUsers'
ACL to a standard 'SRC'
or something then it also works as expected (just DirectProxyUsers go
direct). Is there an issue with
using an external helper with an always_direct or something?
As it is, it seems that about 2 in 5 of requests from the users that match
the 'PeerProxyUsers' ACL still
Go direct. Why?
Thanks in Advance,
Andrew
Received on Wed Jul 30 2003 - 20:49:45 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:21 MST