Hello All,
I have dialup users nationaly who proxy auth against our radius servers.
My radius servers have accounting records with the IP address of the
logged in dial-up user.
The objective here would be to have squid (possibly as a replacement or
wrapper for Ident lookup) query the accounting data of the radius server
to match a username to an IP address.
This would eliminate the need for proxy_auth (which can get very
annoying very quickly), except in cases where the lookup is
unsuccessfull.
What I imagine would be needed would be perhaps to have the radius
server account to an sql database or to have the squid helper-program
query the flat text logfiles looking for a START record matching the IP
address of the source proxy request and returning the latest record
result/username
This would be especialy usefull to use in conjuction with SquidGuard -
to provide inidvidual users custom tailored access profiles.
I have already gotten rad_auth to work (auth.pl with the Authen::Radius
perl module worked fine, the squid_rad_auth program did not compile and
run correctly...)
As an additional Question: Is there any development/patches to allow
squid to filter incoming contents using a 'Content Redirector' helper
program - much as the URL redirector works?
Currently I have seen dansguardian which works by proxying clients thru
the squid proxy server (kludgey in my book) which destroys access
controll and access profile assignments (as you get in squidguard)
Received on Wed Jan 09 2002 - 09:18:26 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:47 MST