On 20/03/11 05:06, Dr. Tilmann Bubeck wrote:
> Hello squid developers,
>
> I would like to extend squid so that an administrator can define a
> maximum time for web access for a given time period. This could be used
> for parents limiting the time to use the internet. E.g. I would like to
> define something like:
>
> joe:unlimited
> mary:unlimited
> littlejoe:2h / 1day
> littlemary:4h/1week
>
> I know, that squid already allows to limit the access time (e.g. Monday
> from 2pm to 4pm), but this is to unflexible for children. They should
> decide on there own WHEN to use the internet but only up to a given
> "time quota".
>
> Question 1: do you know of something similar?
>
Not publicly for Squid. The topic of time quotas comes up often enough
that there are probably custom versions built by people floating around.
But no working code has been submitted in the last few years at least.
Net-nanny or similar software packages likely do all this already too.
> Question 2: I would would like to implement this in the following way.
> Is this OK or do you have any tips?
>
> It could be an external_acl helper very similar to the existing "squid
> session" helper. There would be an additional configuration file as
> described above. The module would be included in squid.conf with a
>
> external_acl_type time_quota ttl=60,negative_ttl=60 %LOGIN
> /usr/local/squid/libexec/time_quota -f /usr/local/squid/etc/time_quota.conf
> acl AclName external time_qouta
>
> It would count how many minutes each user has already used and store
> that in memory or a database. As long as their is enough time left, it
> would respond with OK, otherwise with ERR until the limit is reset.
I think you are on the right sort of path there. Though you will want to
do that accounting in seconds rather than minutes.
As always the devil is in the details. In particular for time quotas the
killer detail is calculating that time-used quantity when no
transactions are going through. The tricky "stopped. But are they still
reading?" period.
The ACL model can give you time of starting any given request. It does
not have access at ACL testing time to the end duration of any single
request.
>
> Question 3: Assuming that I code it in a way you like it, are you
> willing to include this into squid? I would transfer any license which
> is needed.
We are generally happy to bundle useful helpers.
For distribution by us it will need to be licensed under the GPL version
2, with the 2+ re-distribution allowance. Copyright may be retained by
you personally.
Implementation language for helpers is up to you. Though for bundled
code ideally the compiler or interpreter is readily available on a wide
range of OS. ie C/C++, portable shell script, perl or python.
We ask that as developer you provide support for that piece of code.
1-2 years should see it into production systems and through a fair bit
of user feedback on the way. The amount of work this translates to is
relative to how buggy and/or popular it is.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.11 Beta testers wanted for 3.2.0.5Received on Mon Mar 21 2011 - 05:12:00 MDT
This archive was generated by hypermail 2.2.0 : Mon Mar 21 2011 - 12:00:04 MDT