rcbandit wrote:
Amos Jeffries-2 wrote:
rcbandit wrote:
Amos Jeffries-2 wrote:
rcbandit wrote:
Amos Jeffries-2 wrote:
Hi,
I would like to ask you is there a way to configure squid to
redirect
IPs.
I want squid to read IP's from file saved in .TXT format saved on HDD
or
server on internet. And when user's IP matches with the IP from the
TXT
file
squid redirects it to external URL hosted on remote server.
Umm, what exactly are you trying to do with this?
There are several scenarios each with different solutions possible.
Please note the IPs do not have a 1:1 relationship with URLs so
rewriting
a URL based on it's IP is not generally possible.
For example, the URL http://www.google.com/ for example has several
hundred geo-located IPs (not all of which are visible at any time or
at
all), and each of those IPs has a few dozen domain names.
Second question - is there a way to configure squid to read the
external
TXT
file every 10 minutes for example so when I manually enter new IP or
remove
old one squid reads it and reconfigure itself.
No.
For this type of thing use an external_acl_type helper. They are
tested
live for every request with an optional caching time in seconds for
the
results.
I'm getting a vague Idea about what you are trying to do, I don't
think
you want redirection at all. But please state what it is clearly so we
can
be of more help.
Amos
I want to write a PHP billing system for ISPs and web hosting. It's a
hobby
project.
My idea is to control the access to the internal servers with squid and
PHP
program. When the owner of the server don't pay squid blocks the
access.
I will write a PHP program witch will pass IPs to the squid using .TXT
file.
Squid reads the IPs from the file and blocks the access. So I need a
way
to
force squid to read that .TXT file.
Definitely external_acl_type then.
FWIW all the CDN providers I know of (self included) have some form of
this already existing in practice. Often more efficiently integrated
into the local authentication mechanisms than .txt method would allow
for.
The formal Quota feature is also being worked on to integrate finer
control into later Squid releases.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
Current Beta Squid 3.1.0.7
How to integrate squid's local authentication mechanisms with PHP
program.
Do you know how to do it?
Depends entirely on the local authentication mechanism. Some get plugged
in through the bundled helpers and policy logic written into squid.conf.
Others get a helper written up specially to cope with the unusual
environment.
All helpers, authentication ones included can be coded up in any
language. Squid passes a fixed format of fields "username password" to
the auth helpers.
basic auth is "user pass"
digest auth is "user realm"
negotiate and ntlm auth take a binary blob of data base64 encoded.
external_acl_type helper has flexible format defined by the local admin
or app requirements.
There is a dummy auth helper code at:
http://wiki.squid-cache.org/ConfigExamples/Authenticate/LoggingOnly
the active code of the helper can be written up to perform any business
logic needed. Only the input and output formats are fixed.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
Current Beta Squid 3.1.0.7
Hi,
I have news - my friend advice me to use LDAP - PHP writes the IPs to
LDAP and squid reads them. Is it possible to do it?
Thats a question between LDAP and PHP. I have no idea.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
Current Beta Squid 3.1.0.7
