[plug] Squid
The Thought Assassin
assassin at live.wasp.net.au
Mon Aug 21 15:28:32 WST 2000
On Mon, 21 Aug 2000, Paul Baumgarten wrote:
> > A quick question re: squid. How easy/hard would it be to put a usr/pass
> > combination to prevent access to the Internet from the corporate LAN?
> The squid-cache.org page has all the doco's. I have it running here.
> You just need a few ACL's and some type of program/script that will
> return OK or ERR for any user name / password pair. For my
> authenticator I just have an "expect" script that attempts to login, if
> it works then username/password is valid, if it doesn't it isn't.
Eeeeeg. There is an authenticator supplied with squid called ncsa_auth
that you can point at your /etc/passwd, /etc/shadow, or
/usr/local/squid/etc/passwd or whatever. I'd be inclined to use the
standard methods purely for the benefits of extra eyeballs.
It is invoked as:
<path>/ncsa_auth <path>/passwdfile.
from your authenticate_program line.
> Alternatively if not all your users are have accounts on your linux box
> you can just as easily authenticate against an NT or Novell box.
...using the supplied smb_auth program.
-Greg Mildenhall
More information about the plug
mailing list