Re: [SQU] Announcing NTLM authentication support for Squid.

From: Robert Collins <robert.collins@dont-contact.us>
Date: Thu, 24 Aug 2000 18:53:58 +1000

Ian,
this is fairly easy.
You need to add definitions to squid.conf, and write a helper protocol: you
won't need a stateful one so you can base it closely on the DNS helper
protocol
ie pass the helper the ip, recieve the name to log.
add in parsing code for the squid.conf entry, and finally change the ident
code in squid to call your helper rather than useing the internal ident.
Look at the internal DNS vs extenral DNS for example code.

Probably around 20-40 lines of code spread around a bit.

Rob

----- Original Message -----
From: "Chemolli Francesco (USI)" <ChemolliF@GruppoCredit.it>
To: "'Ian Redfern'" <redferni@logica.com>
Cc: "'Robert Collins'" <robert.collins@itdomain.com.au>
Sent: Thursday, August 24, 2000 5:40 PM
Subject: RE: [SQU] Announcing NTLM authentication support for Squid.

> > For a long time I have been using LAN Manager reverse lookups for user
> > identification (like identd) rather than authentication, to
> > keep some track on
> > who is using the system. I do this by post-procesing the logs
> > and running
> > nmblookup -r -A against the IP addresses, then caching the
> > results. I'd really
> > like Squid to be able to do this directly, but am unwilling to use
> > authentication because I have no intention of locking out, or
> > even challenging
> > our Unix/Mac/PDA users - I have other ways of identifying them.
> >
> > Is there any chance of incorporating something like this into
> > your change? A
> > user-defined identd would be one way to do it.
>
> I don't believe that it could be done within THIS change, as
> our work implies using a different set of hooks.
> It could definitely be done though, "simply" using helpers
> rather than an internal ident client.
>
> I really don't have the time to venture into this ground though.
> Maybe Robert? (I've Cc: ed this mail to him).
>
> --
> /kinkie
>
Received on Thu Aug 24 2000 - 02:45:18 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:35 MST