squidGuard with ident
From: Mark Atherton (htlshoqz_at_yahoo.co.uk)
Date: 03/06/05
- Next message: * Tong *: "Distinguish nntp download from upload"
- Previous message: Michael Heiming: "Re: WRT54GS and port forwarding ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sun, 06 Mar 2005 21:28:03 +0000
Hi,
I'm trying to set up squidGuard so it allows access based on ident
(rfc931/1413). I have a mixed LAN with Windows 98 and Linux PCs. I'd
like to allow unrestricted access for some users , while restricting
access (based on both urls and time of day) for anyone else (including
anyone I can't identify).
First I had to recompile squid from a source rpm with
--enable-ident-lookups because the squid supplied with Mandrake 10.1 is
compiled with it disabled.
I've set up ident on a client and verified that it works by SSHing in
and then using netcat to access port 113 and ident the SSH connection.
I first tried simply inserting
ident_lookup_access deny all
into squid.conf. This didn't work. After some googling I tried instead
acl rfc1413 ident REQUIRED
http_access allow rfc1413
ident_lookup_access allow rfc1413
which works, but now I can't access it without identd running on the
client. I realise that ident is worthless a Windows 98 client, but I
will simply restrict access where ident is unavailable. Essentially I
think the problem is how to require an ident query, but where one is
unavailable to redirect to squidGuard anyway.
Any ideas?
Mark Atherton
- Next message: * Tong *: "Distinguish nntp download from upload"
- Previous message: Michael Heiming: "Re: WRT54GS and port forwarding ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
