You may use squid's authentication capabilities based on PAM for example and people log in squid (popup) before they can browse the net. The rules are then based on squid's rights on URLs and people. But about other protocol than http and the CONNECT query (ftp, etc...), squid will have no clue i guess. Look at nufw if you need something stronger and more powerful. http://www.nufw.org/-English-.html Le mardi 20 mars 2007 à 14:52 -0300, Mauricio Silveira a écrit : > Hi all, > > I'm wondering if it is possible to make squid call an external script or > binary (even better natively) to enable NAT access to specific user group. > > The scenario is: I have a network where everyone should have > restrictions, use the proxy to surf the Internet as is an usual squid > implementation. BUT, I need to allow full NAT access to stations, based > on username, such an user would be the network admin. > > EG: if a common worker logs in, no extra NAT access will be allowed, > proxy only access, blocking MSN an everything else necessary. I am an > admin, inside the group "full_access" and I need full NAT access to the > world, but i need this while I'm logged to a station, no matter what > station I'm logged on. Logging off will remote my NAT rights for the IP. > > Did I make myself clear? > Is it possible? Any hints? > > Thanks! > > Mauricio - To unsubscribe from this list: send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
