squid bind outgoing ip

2019-08-27 06:26发布

问题:

I have many ips on same server and I am using squid basic authentication.

Example - I have two ips and 2 users and one single port 3128. The issue is any user can use any outgoing ips.

Below is my squid configuration:

acl http proto http
acl port_80 port 80
acl port_443 port 443
acl CONNECT method CONNECT

auth_param basic program  /usr/bin/python /path/to/authenticationscript
auth_param basic realm Please enter username and password
auth_param basic credentialsttl 1 second

acl AuthUsers proxy_auth REQUIRED

external_acl_type userip %SRC %LOGIN /usr/lib/squid/ext_file_userip_acl -f /path/to/config.file
acl userip external userip

http_access allow userip
http_access deny all

http_port 3128 name=0
acl ip1 myportname 0
tcp_outgoing_address x.x.x.0 ip1

acl ip2 myportname 1
tcp_outgoing_address x.x.x.1 ip2

where x.x.x.x is the ipaddress of the server.

In the config.file I am having

x.x.x.0(ipaddress1) user1
x.x.x.1(ipaddress2) user2

How can I let one user to connect to one ip?

回答1:

I found the solution.

I need to change the http_port and acl of myportname to below:

http_port 3128
acl ip1 myip x.x.x.0
tcp_outgoing_address x.x.x.0 ip1

acl ip2 myip x.x.x.1
tcp_outgoing_address x.x.x.1 ip2