Linux Forums - Linux Help,Advice & support community:LinuxSolved.com

Network Troublshooting => Linux Proxy Server Support => Topic started by: franco83 on May 24, 2011, 10:22:16 AM

Title: Squid -ldap - Delay pools - limit user by name
Post by: franco83 on May 24, 2011, 10:22:16 AM
Hello everybody, I have a proxy server with squid 2.7. I use system authentication with ldap. I want limit browser navigation with delay pools but without using ip address of the user, using instead the name of the user logged when he opens browser. Ldap authentication works properly. I try in this way but i have this error:

nsx:~# /etc/init.d/squid restart
Restarting Squid HTTP proxy: squid Waiting.....................done.
2011/05/24 11:56:19| parse_delay_pool_class: Ignoring pool 1 class 4 not in 1 .. 3
2011/05/24 11:56:19| parse_delay_pool_rates: Ignoring pool 1 attempt to set rates with class not set
2011/05/24 11:56:19| parse_delay_pool_class: Ignoring pool 2 class 4 not in 1 .. 3
2011/05/24 11:56:19| parse_delay_pool_rates: Ignoring pool 2 attempt to set rates with class not set


 I post my squid.conf. Any other solutions are welcome...Thanks for your help.

acl internet external ldap_group Internet
acl password proxy_auth REQUIRED
acl internet-limit2 external ldap_group internet-limit2
acl internet-limit3 external ldap_group internet-limit3





########################################
####### DELAY POOLS ########
########################################
delay_pools 2

delay_class 1 4
delay_parameters 1 -1/-1 -1/-1 -1/-1 625/625
delay_access 1 deny internet-limit3
delay_access 1 allow internet-limit2
delay_access 1 deny all

delay_class 2 4
delay_parameters 2 -1/-1 -1/-1 -1/-1 -1/-1
delay_access 2 allow internet-limit3
delay_access 2 deny all

########################################
########################################


http_access allow manager localhost
http_access deny manager
# Only allow purge requests from localhost
http_access allow purge localhost
http_access deny purge
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
#
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

# Example rule allowing access from your local networks. Adapt
# to list your (internal) IP networks from where browsing should
# be allowed
acl our_networks src 192.168.1.0/24

#http_access allow password internet-limit2
#http_access allow password internet-limit3
http_access allow password Internet



http_access allow our_networks
http_access allow localhost

# And finally deny all other access to this proxy
http_access deny all