[Samba] Use of cache_peer login=username:password

no-spam at people.net.au no-spam at people.net.au
Wed Apr 4 23:38:02 GMT 2007

I'm running squid 2.6.11 on FreeBSD with a parent cache that requires
authentication in order to access any web sites.
It's been suggested to us by the department that runs the upstream cache that we
can make some sites accessible without the client having to authenticate by
getting our local squid to supply the username & password to the upstream cache
for those sites.
It users the cache_peer login= syntax.
Unfortunately, the configuration they sent me doesn't work - I get the following
error:"FATAL: ERROR: cache_peer xxx.xxx.xxx.xxx specified twice".

Here is the relavent section of squid.conf (IP address, username & password have
been removed!)

#Define acl for all source addresses
acl rest src
#Define acl for proxy bypass addresses (squid does authentication for these)
acl safe dstdomain "/usr/local/etc/squid/safe.conf"
#Supply username & password for sites defined in safe.conf
cache_peer xxx.xxx.xxx.xxx parent 8080 3130 default no-query login=username:password
cache_peer_access xxx.xxx.xxx.xxx allow safe
cache_peer_access xxx.xxx.xxx.xxx deny rest
#Require authentication for all other sites
cache_peer xxx.xxx.xxx.xxx parent 8080 3130 default no-query login=PASS
cache_peer_access xxx.xxx.xxx.xxx deny safe
cache_peer_access xxx.xxx.xxx.xxx allow rest

Can anyone suggest a way to implement this that gets around the duplicate
cache_peer problem?


More information about the samba mailing list