Hi
thanks for your answer, but this is authentified by IP or username not
by the Active Directory group no ?
I can't base my restriction by IP, because i am in DHCP, and not by
username, because i don't want
add manually all user (20 000) into the squidguard config
Bye
Vijayakumar Perumal a écrit :
> use th squidGuard filter.conf like this.
>
> T.P.Vijayakumar,
> +91-9840280030.
> ===============================================================
>
> logdir /usr/local/squidGuard/log
> dbhome /usr/local/squidGuard/db
>
> src HTTP-VIP {
> ip 10.0.0.0/24 # range 10.0.0.0 - 10.0.0.255
> # AND
> user foo bar # ident foo or bar
> }
>
> src HTTP-RESTRICTED {
> ip 10.0.0.0/22 # range 10.0.0.0 - 10.0.3.255
> }
>
> dest porn {
> domainlist porn/domains
> urllist porn/urls
> }
>
> acl {
> HTTP-VIP {
> pass all
> }
>
> HTTP-RESTRICTED {
> pass !porn all
> }
>
> default {
> pass none
> redirect
> http://yoursquidip/cgi/blocked?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
> }
> }
>
> ===============================================================
>
>
> --- Noc Phibee <noc@phibee.net> wrote:
>
>
>> Hi
>>
>> actually, i use Squid with a Active Directory
>> Authentification.
>>
>> I use ntlm + wbinfo_group.pl for authenticate a
>> user.
>> When a user are not into the groups HTTP, he can't
>> going on the web.
>>
>> Now i want add SquidGuard, but my question is:
>>
>> Can i create on my Active Directory two or more
>> groups :
>> HTTP-VIP
>> HTTP-RESTRICTED
>> and say at SquidGuard, user into "HTTP-VIP" can
>> going to all web
>> and not "HTTP-RESTRICTED" ?
>>
>> After the authentification, squid save for sent to
>> squidguard the group
>> of the user ?
>>
>> Thanks for your help
>>
>>
>>
>>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
>
>
Received on Thu Dec 15 2005 - 03:25:26 MST
This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:02 MST