Can someone explain how I might setup two classes of access for this
scenario and advise what the "best" ("safest?") method for password
authentication might be:
- I will block http/https from my LAN to the Internet at the firewall and
allow only the proxy/squid machine to pass through the firewall.
- Based on proxy password authentication:
- I want kids to have filtered internet access through squid/squidguard
redirector
- Adults to have unfiltered internet access
- How to grab the password for authentication? I don't really understand
how the auth mechanism works despite rereading the docs and config file
comments.
The squid box is also an NIS/NFS/Samba host so has the password files on it.
How do I setup authentication and can I use the /etc/shadow files for
this purpose safely or is there another mechanism more suitable such as
an .htpasswd file or I have heard of people using PAM modules?
Some details on the machine and software in use:
- AMD-K62-380 MHZ
- Red Hat Linux release 7.3 (Valhalla)
- Kernel 2.4.18-18.7.x on an i586
- squid-2.4.STABLE6-6.7.3 RPM
- squidGuard-1.2.0.tar.gz
- blacklists.tar.gz from yesterday
- Squid lives on my root file system:
Filesystem Size Used Avail Use% Mounted on
/dev/hda5 3.9G 2.0G 1.8G 52% /
- Memory
cat /proc/meminfo
total: used: free: shared: buffers: cached:
Mem: 191627264 186085376 5541888 0 56913920 103395328
Swap: 271392768 12627968 258764800
MemTotal: 187136 kB
MemFree: 5412 kB
MemShared: 0 kB
Buffers: 55580 kB
Cached: 99440 kB
SwapCached: 1532 kB
Active: 111764 kB
Inact_dirty: 25668 kB
Inact_clean: 31524 kB
Inact_target: 33788 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 187136 kB
LowFree: 5412 kB
SwapTotal: 265032 kB
SwapFree: 252700 kB
Committed_AS: 133180 kB
Received on Wed Dec 11 2002 - 22:56:47 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:03 MST