Re: monitoring on a per-user basis

Andrew,

        The username is part of the log as long you uncomment the
USE_PROXY_AUTH in the Makefile. As for the radius or pam authentication,
I would suggest the patches supplied by Arjan deVet at:

        http://www.iae.nl/users/devet/squid/

Seeya,

-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
David Richards
Network Programmer
Internetworking Software Services, Computing Services
Queensland University of Technology
Level 12, 126 Margaret Street
Brisbane QLD 4001, Australia
E-mail: dj.richards@qut.edu.au
Ph: +61 7 3864 4347 Fax: +61 7 3864 5272
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-

On Mon, 7 Sep 1998, Andrew Hall wrote:

> Alan,
>
> thanks for your reply,
>
> A couple of questions:
> 1. how do I get the username written as part of the access.log. Do I need to
> enable "user-agent" during compilation?
> 2. Do you know if there is a radius_auth or pam_auth available for
> authentication?
>
> Thanks and regards,
>
> Andrew.
> -----Original Message-----
> From: Sparks, Alan <asparks@harris.com>
> To: 'Andrew Hall' <aah@impaq.net.au>
> Date: Saturday, 5 September 1998 1:52
> Subject: RE: monitoring on a per-user basis
>
>
> On our intranet, I use Squid 1.2b23p4 for just such a thing. I find the idea
> of
> tracking people down via IP address repugnant... so I implemented
> username/password access to the cache.
>
> You need to decide how you wish to store username and password info for the
> cache. Squid comes with a web server like password file capacity built-in.
> If
> you have other authentication mechanisms on your network, squid allows for
> an
> external authenticator, usually constructed by you, to access the
> authentication
> mechanism and provide a yes/no to allowing access through the cache. For
> instance, I use a custom small interface to our LDAP directory server for
> password checking.
>
> I like the facility cuz the usernames are logged into the access.log file.
> You
> can then either write your own little program to parse the file and generate
> access stats for the bosses, or take a look at NetTracker Proxy (from Sane
> Solutions) that will read squid logs and dice them up into about any report
> you
> could want. By user name, not IP address. I use the former solution, but
> intend to buy the latter soon.
>
> Anyway, just a few thoughts.
> -Alan
>
>
>
> -----Original Message-----
> From: Andrew Hall [mailto:aah@impaq.net.au]
> Sent: Friday, September 04, 1998 1:55 AM
> To: squid-users@ircache.net
> Subject: monitoring on a per-user basis
>
>
> Hi (again),
>
> Just a quickie... Some of our customers (corporate) have requested that we
> keep
> track of where their staff are going to using the company's internet
> account.
> (dial in accounts). As the IP addresses change every time these staff login
> to
> one of my racks I have no way of logging who goes where.. Can squid
> (1.2b24p1)
> do this using per user authentication? Does anyone else do this, if so how?
> I
> guess I'm trying to ascertain whether I can get squid to log IP address
> against
> a username in the access.log file so I can correlate it later?
>
> Is this a can do?
>
> thanks,
> Andrew.
>
>
>
Received on Sun Sep 06 1998 - 21:54:40 MDT