On 2014-03-17 05:57, PavelD wrote:
> Hi,
> In my diploma thesis I need to connect proxy squid, dns bind9 and iptables.
> I am trying to do some basic security against DNS tunnels. I want to put
> in a lab at school where every person has only one IP address, but if
> someone uses multiple devices to access I get record WHO IP TIME. You can
> not figure out how to get the IP address in the auth plugin or how to set
> up logging.
>
Okay. So it is just logging. Good.
What you can do is have an external ACL helper doing the logging using
"%SRC %LOGIN" format parameters as the line to log (excluding date) and
always returning "OK" to Squid. A ttl=86400 prevents the helper being
contacted more than once per day per user:IP pair.
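
logger.sh:

#!/bin/bash
# Squid external ACL helper: log each lookup and always answer OK.
# With concurrency enabled, each input line is "<channel-id> <SRC> <LOGIN>".
while read -r id data; do
  dt=$(date --utc)
  echo "${dt} ${data}" >>users.log
  # Reply on the same channel ID so Squid can match the answer.
  echo "${id} OK"
done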

squid.conf:

auth_param ...
acl auth proxy_auth REQUIRED
external_acl_type logger concurrency=20 ttl=86400 ... %SRC %LOGIN ...
acl logger external logger
http_access deny !auth
http_access deny !logger

Amos
Received on Mon Mar 17 2014 - 00:15:48 MDT