Search squid archive

Re: Script Check

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Hello

My server freeradius users currently stored in a file on disk, but it is best to do what I want, I can configure it to store it in mysql.

What I need is help me, explain me, guide me how can I achieve my goal.

Thanks

Michel


Adrian Chadd <adrian@xxxxxxxxxxxxxxx> ha escrito:

"don't do that."

As someone who did this 10+ years, I suggest you do this.

* do some hackery to find out how your freeradius server stores the
"currently logged in users". It may be in a mysql database, it may be
in a disk file, etc, etc
* have your redirector query -that- directly, rather than running
radwho. When I did this 10 years ago, the radius server kept a "wtmp"
style file with current logins which worked okish for a few dozen
users, then sucked for a few hundred users. I ended up replacing it
with a berkeley DB hash table to make searching for users faster.
* then in the helper, cache the IP results for a short period (say, 5
to 10 seconds) so frequent page accesses wouldn't result in a flurry
of requests to the backend
* keep the number of helpers low - you're doing it wrong if you need
more than 5 or 6 helpers doing this..



Adrian

2009/8/8  <michel@xxxxxxxxxx>:
Hello

Using squid 2.6 on my work, I have a group of users who connect by dial-up
access to a NAS and a server freeradius to authenticate each time they log
my users are assigned a dynamic IP address, making it impossible to create
permissions without authentication by IP address.

now to assign levels of access to sites are
authenticating against an Active Directory, but I want to change that.

I want to create a script for when you get a request to the squid from the
block of IP addresses, run a script that reads the username and IP address
from the server freeradius radwho tool that shows users connected + ip
address or mysql  from which you can achieve the same process

and can be compared to a text file if the user is listed, then access it
without authentication of any kind.

It is possible to do this?

Sorry for my english, is very poor.

Thanks

Michel





----------------------------------------------
Webmail, servicio de correo electronico
Casa de las Americas - La Habana, Cuba.






----------------------------------------------
Webmail, servicio de correo electronico
Casa de las Americas - La Habana, Cuba.



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux