On 2014-03-17 05:57, PavelD wrote:
> Hi,
> In my diploma thesis I need to connect proxy Squid, DNS bind9 and iptables. I
> am trying to do some basic security against DNS tunnels. I want to put it in a
> lab at school where every person has only one IP address, but if someone uses
> multiple devices to access it I get a record WHO IP TIME. You can not figure
> out how to get the IP address in the auth plugin or how to set up logging.

Okay. So it is just logging. Good.
What you can do is have an external ACL helper doing the logging using
"%SRC %LOGIN" format parameters as the line to log (excluding date) and
always returning "OK" to Squid. A ttl=86400 prevents the helper being
contacted more than once per day per user:IP pair.
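
logger.sh:

  #!/bin/bash
  # Squid sends "<channel-ID> <%SRC> <%LOGIN>" per line (concurrency is enabled).
  while read -r id data; do
    dt=$(date --utc)
    # Record the time, client IP and login.
    echo "${dt} ${data}" >>users.log
    # Always answer OK on the same channel.
    echo "${id} OK"
  done
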
squid.conf:

  auth_param ...
  acl auth proxy_auth REQUIRED
  external_acl_type logger concurrency=20 ttl=86400 ... %SRC %LOGIN ...
  acl logger external logger
  http_access deny !auth
  http_access deny !logger

Amos
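
Added example, not part of the original thread: a variant of the logger.sh helper above that writes one "TIME IP LOGIN" record per request line, skips lines without a login, and includes a report of logins recorded from more than one source IP, which is the multiple-device case the question asks about. The function names, the `--serve` switch and the log path are assumptions made for illustration.

```shell
#!/bin/bash
# Added example, not from the original thread. LOGFILE default is an assumption.
LOGFILE="${LOGFILE:-./users.log}"

# External ACL helper loop. With concurrency=N Squid sends
# "<channel-id> <%SRC> <%LOGIN>" per line and expects "<channel-id> OK" back.
run_helper() {
    while read -r id src login rest; do
        [ -n "$id" ] || continue                 # ignore blank lines
        if [ -n "$src" ] && [ -n "$login" ] && [ "$login" != "-" ]; then
            ts=$(date -u +%Y-%m-%dT%H:%M:%SZ)
            printf '%s %s %s\n' "$ts" "$src" "$login" >>"$LOGFILE"
        fi
        echo "${id} OK"                          # logging only: never deny
    done
}

# Print "<login> <count> <ip,ip,...>" for every login seen from more than one IP.
# Input is the log written by run_helper ($1 = TIME, $2 = IP, $3 = LOGIN).
multi_ip_logins() {
    awk '
        !seen[$3 SUBSEP $2]++ { n[$3]++; ips[$3] = ips[$3] (ips[$3] ? "," : "") $2 }
        END { for (u in n) if (n[u] > 1) print u, n[u], ips[u] }
    ' "$1" | sort
}

# Hypothetical switch: point external_acl_type at "logger.sh --serve".
if [ "${1:-}" = "--serve" ]; then
    run_helper
fi
```

Because of ttl=86400, Squid asks the helper about each user:IP pair at most once per day, so the report counts distinct pairs rather than request volume.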