Gavin,
Are you really looking to authenticate based on ip, or to do
access-control based on ip?
If you want access-control on ip it's easy
acl insecurepcs src 192.168.0.5 192.168.0.9
acl otherpcs src 192.168.0.45 192.168.1.0/24
acl importantusers proxy_auth john stephen mary sue chris
acl otherusers proxy_auth REQUIRED
http_access allow importantusers !insecurepcs
http_access deny importantusers insecurepcs
http_access allow otheruser insecurepcs
http_access deny all
---- If you do want to do ip based authentication.. it's easy enough.. You may / will break existing authenticators so you need to make adding the ip address optional. * add a new config item to squid.conf (in cf.data.pre), initalisation code for the iterm * add code in authenticate.c to send the ip address if your config item is set. * alter the username caching code to re-request authentication if the ip address changes Rob ----- Original Message ----- From: "Gavin Cameron" <gavin@itworks.com.au> To: <squid-users@ircache.net> Sent: Monday, September 04, 2000 12:41 AM Subject: [SQU] Authentication question > Hi, > > How difficult would it to add another field to the data that is passed to > the authentication handler? > > I'd like to be able to authenticate based on username, password and the > source IP address. > > Gavin > > []-----------------------------------+------------------------------------[] > | Gavin Cameron | ITworks Consulting | > | Ph : +61 3 9642 5477 | Level 8, 488 Bourke Street | > | Fax : +61 3 9642 5499 | Melbourne, Victoria | > | Email : gavin@itworks.com.au | Australia, 3000 | > []-----------------------------------+------------------------------------[] > > -- > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html > > -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Sun Sep 03 2000 - 15:16:09 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:12 MST