Re: [squid-users] FTP access by username from Sander Winkel on 2003-03-05 (squid-users)

From: Sander Winkel <awinkel@dont-contact.us>
Date: Wed, 5 Mar 2003 22:20:26 +0100

I'm using pam_radius authentication, the radius server is a w2k server.
The authentication works perfectly and fast.

Kind Regards,
Sander Winkel

----- Original Message -----
From: "Henrik Nordstrom" <hno@squid-cache.org>
To: "Sander Winkel" <awinkel@gmx.net>
Cc: <squid-users@squid-cache.org>
Sent: Wednesday, March 05, 2003 9:11 PM
Subject: Re: [squid-users] FTP access by username

> Are you using ident for http traffic? Or are you using proxy
> authentication?
>
> Regards
> Henrik
>
> ons 2003-03-05 klockan 09.25 skrev Sander Winkel:
> > I've tried the following rules:
> >
> > acl ftp_ports ports 20 21
> > acl ftp_users ident "/usr/local/squid/etc/ftpusers
> > http_access allow ftp_ports ftp_users
> >
> > Poorly this doesn't work. :(
> > In the logfile I can see the ident name for http traffic but when I use
ftp
> > traffic I don't see the username anymore in the logfile.
> > Instead of that I see the IP-address of the client.
> > So ftp traffic is forbidden cause the username is unknown by squid.
> >
> > Sander Winkel
> >
> >
> > ----- Original Message -----
> > From: "Henrik Nordstrom" <hno@squid-cache.org>
> > To: "Sander Winkel" <awinkel@gmx.net>
> > Cc: <squid-users@squid-cache.org>
> > Sent: Tuesday, March 04, 2003 6:07 PM
> > Subject: Re: [squid-users] FTP access by username
> >
> >
> > > Request for ftp:// objects is under the exact same access controls as
> > > requests for http:// objects.
> > >
> > > This assuming the user is using a browser configured to use Squid as
> > > proxy for FTP.
> > >
> > > Can you be a little more specific on what you have tried and what did
> > > not work?
> > >
> > > Regards
> > > Henrik
> > >
> > >
> > > tis 2003-03-04 klockan 14.45 skrev Sander Winkel:
> > > > Is't possible to control ftp access by username who logged in at the
> > cache?
> > > > I've tried it with an acl but this only worked for http traffic.
> > > > The only way I've found to control ftp traffic is by an ip acl.
> > > > Is it true that ftp traffic can't be controlled by username?
> > > >
> > > > Sander Winkel
> > > --
> > > Henrik Nordstrom <hno@squid-cache.org>
> > > MARA Systems AB, Sweden
> > >
> --
> Henrik Nordstrom <hno@squid-cache.org>
> MARA Systems AB, Sweden
>
Received on Wed Mar 05 2003 - 14:20:36 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:56 MST