so ip_user wont actually do what i want ( the book isnt clear actually what it is there for) - thanks Henrik what i want is to get the currently logged-in user and pass it to squid which will then authenticate against that with no further dialog boxes etc . i can then add eg time-based ACLs So i thought id try my own. eventually i suspect i'll use gewtpwuid() and look up in /etc/passwd. #!/usr/bin/perl -wl $|=1; my @names=("andrew","anne","nick","emma"); my $username = `whoami` or die "Couldn't execute command: $!"; chomp($username); open (F, '>/tmp/data.txt'); print F "$username\n"; close (F); my $i=0; while ($i<$#names) { if ($names[$i] eq $username){print "OK user=$username";exit;} $i++; } print "ERR"; and this returns the current user and writes it to the file. my squid.conf hepworth andrew # cat /etc/squid/squid.conf |grep ^acl acl all src 0.0.0.0/0.0.0.0 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl purge method PURGE acl CONNECT method CONNECT acl annes external MyAclHelper acl QUERY urlpath_regex cgi-bin \? acl apache rep_header Server ^Apache hepworth andrew # cat /etc/squid/squid.conf |grep ^http http_access Safe_ports allow http_access allow annes http_access deny all http_port 3128 hepworth andrew # cat /etc/squid/squid.conf |grep ^external external_acl_type MyAclHelper /etc/squid/myaclhelper hepworth andrew # do i need an auth_param directive as well ? if so what ? so when i request a web page it asks me for a username and password and myaclhelper doesnt write the text file. Should it be doing the 2008/03/21 12:00:16| helperOpenServers: Starting 5 'getpwname_auth' processes line ? hepworth squid # /usr/local/squid/sbin/squid -N -d6 2008/03/21 12:00:16| Starting Squid Cache version 2.6.STABLE18 for i686-pc-linux-gnu... 2008/03/21 12:00:16| Process ID 19869 2008/03/21 12:00:16| With 1024 file descriptors available 2008/03/21 12:00:16| Using epoll for the IO loop 2008/03/21 12:00:16| Performing DNS Tests... 2008/03/21 12:00:16| Successful DNS name lookup tests... 2008/03/21 12:00:16| DNS Socket created at 0.0.0.0, port 32860, FD 6 2008/03/21 12:00:16| Adding domain home.nw from /etc/resolv.conf 2008/03/21 12:00:16| Adding nameserver 192.168.0.254 from /etc/resolv.conf 2008/03/21 12:00:16| helperOpenServers: Starting 5 'getpwname_auth' processes 2008/03/21 12:00:16| Unlinkd pipe opened on FD 17 2008/03/21 12:00:16| Swap maxSize 102400 KB, estimated 7876 objects 2008/03/21 12:00:16| Target number of buckets: 393 2008/03/21 12:00:16| Using 8192 Store buckets 2008/03/21 12:00:16| Max Mem size: 8192 KB 2008/03/21 12:00:16| Max Swap size: 102400 KB 2008/03/21 12:00:16| Rebuilding storage in /usr/local/squid/var/cache (CLEAN) 2008/03/21 12:00:16| Using Least Load store dir selection 2008/03/21 12:00:16| Current Directory is /etc/squid 2008/03/21 12:00:16| Loaded Icons. 2008/03/21 12:00:16| Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 19. 2008/03/21 12:00:16| Accepting ICP messages at 0.0.0.0, port 3130, FD 20. 2008/03/21 12:00:16| WCCP Disabled. 2008/03/21 12:00:16| Ready to serve requests. 2008/03/21 12:00:17| Done reading /usr/local/squid/var/cache swaplog (688 entries) 2008/03/21 12:00:17| Finished rebuilding storage from disk. 2008/03/21 12:00:17| 688 Entries scanned 2008/03/21 12:00:17| 0 Invalid entries. 2008/03/21 12:00:17| 0 With invalid flags. 2008/03/21 12:00:17| 688 Objects loaded. 2008/03/21 12:00:17| 0 Objects expired. 2008/03/21 12:00:17| 0 Objects cancelled. 2008/03/21 12:00:17| 0 Duplicate URLs purged. 2008/03/21 12:00:17| 0 Swapfile clashes avoided. 2008/03/21 12:00:17| Took 0.4 seconds (1801.4 objects/sec). 2008/03/21 12:00:17| Beginning Validation Procedure 2008/03/21 12:00:17| Completed Validation Procedure 2008/03/21 12:00:17| Validated 688 Entries 2008/03/21 12:00:17| store_swap_size = 4320k 2008/03/21 12:00:17| storeLateRelease: released 0 objects