[squid-users] question regarding squid proxy authentication prompt

From: rascal <rascal1981_at_gmail.com>
Date: Tue, 9 Mar 2010 10:47:04 -0500

Hello all,

First, thanks for your time in reading this, I really appreciate it!

I've been working with squid for awhile and it's a awesome tool but I
am trying to figure out a way to do some more customizations and one
of them has me at a road block.  I've searched the FAQs/google/mailing
list(s)/boards/etc... and can't seem to find a clear answer on my
questions.  I know it's possible, I just don't know how....yet!

First, here is my setup:

internet-----Firewall----bsd/squid-3.1.0.13----users
            80/443 only        LDAP/AD authentication

Really a basic setup but the firewall only accepts traffic for the web
from squid and squid only allows people in select groups in Active
Directory to get out to the web.  All intranet traffic is bypassed.
Wpad/group policy provides the browser configuration.

Here is my first question.  I would like to present the user with a
disclaimer prompt when they attempt to go to the internet.  Currently
they get the typical squid requires your username/password to proceed
prompt and I would like to know if I can change that.  I have found
references to using the redirect options but that doesn't seem like
the proper solution to me.  Any thoughts or should I stick with group
policies to provide this (i.e. everytime someone opens their browser
or they log into their computer they get the legal disclaimer)?

My second question might already be answered for me through my
research but I wanted to double check.  I have been lightly playing
with reporting at this point and one of my requests is to see how long
a person spends on a particular site.  For example, say I go to cnet
and read the news for 30 minutes that go to slashdot and read the news
for 10 minutes.  Is there a way or reporting tool that does that out
of the box?  Seems to be this would be a hard one to track with
multitab browsing and I don't know how accurate it would be (people
leaving their browsers open) but nonetheless, I have found a few ways
to do it (home brew scripts) but I wanted to know if there was
something canned out there that could do this.

Thanks for your input on this, I really appreciate it and I am sorry
if this seems like a redundant set of questions!  Take care all and
thanks for your input!
Received on Tue Mar 09 2010 - 15:47:13 MST

This archive was generated by hypermail 2.2.0 : Wed Mar 10 2010 - 12:00:03 MST