Hi
thanks for your answer, but this is authentified by IP or username not
by the Active Directory group no ?
I can't base my restriction by IP, because i am in DHCP, and not by
username, because i don't want
add manually all user (20 000) into the squidguard config
Bye
Vijayakumar Perumal a écrit :
use th squidGuard filter.conf like this.
T.P.Vijayakumar,
+91-9840280030.
===============================================================
logdir /usr/local/squidGuard/log
dbhome /usr/local/squidGuard/db
src HTTP-VIP {
ip 10.0.0.0/24 # range 10.0.0.0 - 10.0.0.255
# AND
user foo bar # ident foo or bar
}
src HTTP-RESTRICTED {
ip 10.0.0.0/22 # range 10.0.0.0 - 10.0.3.255
}
dest porn {
domainlist porn/domains
urllist porn/urls
}
acl {
HTTP-VIP {
pass all
}
HTTP-RESTRICTED {
pass !porn all
}
default {
pass none
redirect
http://yoursquidip/cgi/blocked?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
}
}
===============================================================
--- Noc Phibee <noc@xxxxxxxxxx> wrote:
Hi
actually, i use Squid with a Active Directory
Authentification.
I use ntlm + wbinfo_group.pl for authenticate a
user.
When a user are not into the groups HTTP, he can't
going on the web.
Now i want add SquidGuard, but my question is:
Can i create on my Active Directory two or more
groups :
HTTP-VIP
HTTP-RESTRICTED
and say at SquidGuard, user into "HTTP-VIP" can
going to all web
and not "HTTP-RESTRICTED" ?
After the authentification, squid save for sent to
squidguard the group
of the user ?
Thanks for your help
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
