2011年9月14日 星期三

Centos6 + Squid 3 使用簡易認證 (htpasswd)

mkdir /media/cdrom
mount /dev/cdrom /media/cdrom
yum --disablerepo=\* --enablerepo=c6-media install httpd-tools squid


http_port 3128
error_directory /usr/share/squid/errors/zh-tw
cache_dir ufs /var/spool/squid 100 16 256
cache_mem 16 MB
visible_hostname ezproxy
logfile_rotate 2

access_log /var/log/squid/access.log

#SSL
acl CONNECT method CONNECT
acl ssl_port port 443

#Auth
auth_param basic realm Welcome to proxy service
auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/squid-passwd
acl allow_user proxy_auth REQUIRED

http_access deny CONNECT !ssl_port
http_access allow allow_user all
http_access deny all


2011/09/14 10:28:37| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2011/09/14 10:28:37| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
2011/09/14 10:28:37| WARNING: You should probably remove '::/0' from the ACL named 'all'



In Squid 3.0 and above, the 'all' ACL is built-in, you cannot (& need not) define it.

http://www.l-penguin.idv.tw/article/proxy-auth.htm