Noel Manansala escreveu:
Hi, I am using Squid 3.0 on a Fedora 5. Authentication is thru ncsa_auth. My question is, is there a way to limit the users to access the internet only in some specified machine. The control will be based on the login account. Example, user squid_user can only access the internet if he uses IP address 192.168.20.10. Is this possible?
Yes, completly possible. If we're talking about few users and you dont care of creating ACLs for each one of them, you can easily do:
acl ip_john src 192.168.20.10 acl user_john proxy_auth -i john http_access allow ip_john user_john http_access deny user_john and repeating this several times, just adjusting username and IP address.If we're talking of several users, maybe using the ip_user external helper would be a smarter idea. Look the README of this helper:
http://fresh.t-systems-sfr.com/unix/src/www/squid-3.0.PRE6.tar.gz:a/squid-3.0.PRE6/helpers/external_acl/ip_user/READMEIf you're using squid from a prebuild package (RPM, deb, etc), please check the presence of ip_user helper. If it's available from your package it should be easy to use it. If it's not available, probably we'll need some tweaking and rebuilting the package. If you're compiling squid, it should be even easier recompiling it adding the new helper.
-- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertrudes@xxxxxxxxxxxxxx My SPAMTRAP, do not email it
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
