RE: [squid-users] Squid as proxy for aol im

From: Henrik Nordstrom <hno@dont-contact.us>
Date: 11 Nov 2002 11:42:42 +0100

Well.. unless you have removed the default rules shipped in the default
squid.conf then '2' should be in effect.

See your http_access rules.

As for 1, you simply need to set up authentication and then restrict
access in http_access to deny users not logged in from using CONNECT

acl authenticated proxy_auth REQUIRED
http_access deny CONNECT !authenticated

Change the "authenticated" ACL as desired if you want to put additional
restrictions on who may use CONNECT.

Regards
Henrik

mån 2002-11-11 klockan 09.39 skrev George J. Jahchan, Eng.:
> Henrik,
>
> I need to prevent users from tunneling MSN & Yahoo Messengers (+ others) through squid, without resorting to clumsy URL blocking. I am thinking of three possible scenarios (ordered by decreasing desirability):
>
> 1) Authentication for CONNECT method: users cannot use the CONNECT method until explicitly authenticated to access the CONNECT method.
> 2) Disable the CONNECT method for everything but SSL traffic.
> 3) Disable the CONNECT method altogether.
>
> Are any of the above scenarios possible in current or forthcoming versions of Squid?
>
> TIA
Received on Mon Nov 11 2002 - 03:42:31 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:16 MST