4

我有一个带有身份验证的工作鱿鱼。如何暂时禁用身份验证?我可以从 squid.conf 中注释掉以下几行吗:

acl ncsa_users proxy_auth REQUIRED


auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialstt1 2 hours
auth_param basic casesensitive off

或者,我可以只禁用 acl 组的身份验证吗?

先感谢您

4

4 回答 4

3

我解决了..我只是注释掉了

#auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd

然后注释掉 acl ncsa_users proxy_auth REQUIRED

#acl ncsa_users proxy_auth REQUIRED

acl ncsa_users dst 10.244.0.0/16 全部

然后重新启动鱿鱼

我希望有人会觉得这很有用。

于 2013-11-08T02:45:13.213 回答
1

尝试:

评论:

#acl ncsa_users proxy_auth REQUIRED
#auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd auth_param basic
#children 5 auth_param basic realm Squid proxy-caching web server auth_param basic  
#credentialstt1 2 hours auth_param basic casesensitive off

并修改:

http_access deny all

至:

http_access allow all
于 2014-03-29T05:36:59.863 回答
0

这对我有用,只允许使用 squid 定义的 IP

######################## Begin SQUID Config ########################
dns_v4_first on
dns_nameservers 8.8.8.8 8.8.4.4
# should be allowed
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
acl Safe_ports port 1-65535 # unregistered ports
acl allowed_user1 src  182.0.0.0/12  all
acl allowed_user2 src  182.1.0.0/12 all
acl allowed_user3 src  114.120.0.0/12  all
acl allowed_user4 src  114.124.0.0/12  all
acl allowed_user5 src  114.125.0.0/12  all
acl allowed_user6 src  114.127.0.0/12  all
acl allowed_user7 src  202.3.0.0/12  all
acl CONNECT method CONNECT
http_port 8080
http_access allow allowed_user1
http_access allow allowed_user2
http_access allow allowed_user3
http_access allow allowed_user4
http_access allow allowed_user5
http_access allow allowed_user6
http_access allow allowed_user7

# visible_hostname 192.168.1.1
### disable cache ###
cache deny all
### Anonymizing traffic ###
forwarded_for delete
request_header_access X-Forwarded-For deny all
request_header_access Via  deny all
############## END squid3 CONFIG ###################
于 2018-10-08T18:06:43.423 回答
-1

#file /etc/squid/squid.conf

#squid 版本 3.5.27

#操作系统ubuntu 18.4

#最后更新 20201221

#cloud aws ec2

#aws ec2 安全组所有流量开放入站和出站

http_access 允许所有

http_port 3128

acl SSL_ports 端口 443

acl Safe_ports 端口 80 # http

acl Safe_ports 端口 21 # ftp

acl Safe_ports 端口 443 # https

acl Safe_ports 端口 70 # gopher

acl Safe_ports 端口 210 # wais

acl Safe_ports port 1025-65535 #未注册的端口

acl Safe_ports 端口 280 # http-mgmt

acl Safe_ports 端口 488 # gss-http

acl Safe_ports 端口 591 # 文件生成器

acl Safe_ports port 777 #multiling http

acl CONNECT 方法 CONNECT

http_access 允许本地主机管理器

http_access 允许本地主机

coredump_dir /var/spool/squid

refresh_pattern ^ftp: 1440 20% 10080

refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern -i (/cgi-bin/|?) 0 0% 0

refresh_pattern(发布|包(.gz)*)$ 0 20% 2880

刷新模式。0 20% 4320

于 2020-12-20T23:41:28.237 回答