[plug] Squid

Paul Baumgarten paul at kcc.wa.edu.au
Mon Aug 21 22:33:59 WST 2000


> > > A quick question re: squid. How easy/hard would it be to put a usr/pass
> > > combination to prevent access to the Internet from the corporate LAN?
> > The squid-cache.org page has all the doco's.  I have it running here.
> > You just need a few ACL's and some type of program/script that will
> > return OK or ERR for any user name / password pair.  For my
> > authenticator I just have an "expect" script that attempts to login, if
> > it works then username/password is valid, if it doesn't it isn't.
> Eeeeeg. There is an authenticator supplied with squid called ncsa_auth
> that you can point at your /etc/passwd, /etc/shadow, or
> /usr/local/squid/etc/passwd or whatever. I'd be inclined to use the
> standard methods purely for the benefits of extra eyeballs.

Except when your script is also performing other processing... such as
checking a dynamic file containing "prohibited" users who have used up
their web browsing quota or have attempted to access prohibited url's
etc. so while I can use the ncsa to check the userid/passwd pair it
won't do the other custom stuff... hence one of the beautiful things
about linux.... lots of ways to achieve the same end and totally
customisable to individual needs.

-- 
Paul Baumgarten
Information Systems Manager, Kingsway Christian College
Proprietor, Bauma Technologies
Email: paul at bauma.com.au or paul at kcc.wa.edu.au
Mobile: 041 994 2779



More information about the plug mailing list