Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> ha escrito:
fre 2009-08-07 klockan 21:34 -0400 skrev michel@xxxxxxxxxx:
Using squid 2.6 on my work, I have a group of users who connect by
dial-up access to a NAS and a server freeradius to authenticate each
time they log my users are assigned a dynamic IP address, making it
impossible to create permissions without authentication by IP address.
Ok.
I want to create a script for when you get a request to the squid from
the block of IP addresses, run a script that reads the username and IP
address from the server freeradius radwho tool that shows users
connected + ip address or mysql from which you can achieve the same
process
The user= result interface of external acls is intended for exacly this
purpose.
What you need is a small script which reads IP addresses on stdin (one
at a time) and prints the following on stdout:
OK user=radiususername
if the user is authenticated via radius, or
ERR
if the user is not and should fall back on other authentication methods.
You can then plug this into Squid using external_acl_type, and bind an
acl to that using the external acl type. Remember to set ttl=nnn and
negative_ttl=nnn as suitable for your purpose.
Regards
Henrik
Hello
This Script could be in Perl?
Could get some example how to be able to guide me?
Sorry for the inconvenience
Thanks
----------------------------------------------
Webmail, servicio de correo electronico
Casa de las Americas - La Habana, Cuba.
