-
If you use proxy authentication and you want to restrict the multiple login from other machine. the 'max_user_ip' ACL, this directive controls how long Squid remembers the IP addresses associated with each user. Use a small value (e.g., 60 seconds) if your users might change addresses quickly, as is the case with dialups. You might be safe using a larger value (e.g., 2 hours) in a corporate LAN environment with relatively static address assignments.
we have to add these below four lines in squid.conf in correct place.
authenticate_ip_ttl 300 seconds # Proxy will remember the Ip addresses associated with each user.
acl max_user max_user_ip -s 1 #1 represents how many user can login in different machines.
http_access deny max_user
deny_info maxuser.htm ip_limit
For your reference :-
# vi /etc/squid/squid.conf
Eg.
# TAG: authenticate_ip_ttl
#
#Default:
# authenticate_ip_ttl 0 seconds
authenticate_ip_ttl 300 seconds
# TAG: acl
# Defining an Access List
acl max_user max_user_ip -s 1
http_access deny max_user
# TAG: deny_info
# Usage: deny_info err_page_name acl
deny_info maxuser.htm max_user
Note :-
Create a file in the name of maxuser.htm with your error info. The file should be copied into /etc/squid/error directory.
Don’t forget restart the service
Service squid restart. -
Toggle Sidebar