Hello ,
thank you very much for the answer , but I've got a problem, I don't know
how to use that...
what I would like to do is for example some user in my network
authenticates with username master (squid basic authentication) , and
that user can do whatever he wants....
the rest who authenticate with internet will be blocked from porn always.
The problem is I don't know how can I make squidguard to know who is
authenticated as master and who is not?
I tried by simply adding master acl and then the default as per your answer
(thinking that maybe somehow squidguard can get some sorta info
about who has authenticated from squid...) , but I think that I messed it up
real good, coz it aint working.
Can you tell me how can I do that?
user authenticates in squid, and based on authentication squidguard decides
whether to allow or deny porn pages...
Sincerely
Robert B
----- Original Message -----
From: "Jay Turner" <jturner@bsis.com.au>
To: <squid-users@squid-cache.org>
Sent: Tuesday, May 17, 2005 10:42
Subject: RE: [squid-users] never use redirector for master user
>
>> > From: Robert Becskei [mailto:brobiwbe@stcable.co.yu]
>> > Hello,
>> >
>> > with the help of the people at this mailing list I managed to
>> > configure my
>> > proxy server so that there is a master
>> > user who can do anything, and there is normal internet user who
>> can only
>> > browse and download a few types of files.
>> >
>> > my problem is :
>> >
>> > redirect_program /usr/bin/squidGuard
>> > redirect_children 4
>> >
>> > is there a way to never redirect master user ? so he can browse porn
>> > sites...?
>>
>> Let SquidGuard do this.
>>
>> Set up an ACL and rule in SquidGuard along the lines of:
>>
>> acl {
>> master {
>> pass any
>> }
>>
>> normal {
>> pass !porn !whateverelse any
>> redirect http://<somesite.com>/
>> }
>> }
>>
>> This will allow master to go anywhere but normal to go anywhere
>> except porn and whateverelse.
>
> You could even make this more simple by:
>
> acl {
> master {
> pass any
> }
>
> default {
> pass !porn !whateverelse any
> redirect http://<somesite.com>/
> }
> }
>
> This doesn't even require the specification of a 'normal' group.
>
> PS my previous post had an implied 'default' rule, but that may have not
> been clear..
>
>
>
Received on Thu May 19 2005 - 09:29:27 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:03 MDT