"don't do that."
As someone who did this 10+ years, I suggest you do this.
* do some hackery to find out how your freeradius server stores the
"currently logged in users". It may be in a mysql database, it may be
in a disk file, etc, etc
* have your redirector query -that- directly, rather than running
radwho. When I did this 10 years ago, the radius server kept a "wtmp"
style file with current logins which worked okish for a few dozen
users, then sucked for a few hundred users. I ended up replacing it
with a berkeley DB hash table to make searching for users faster.
* then in the helper, cache the IP results for a short period (say, 5
to 10 seconds) so frequent page accesses wouldn't result in a flurry
of requests to the backend
* keep the number of helpers low - you're doing it wrong if you need
more than 5 or 6 helpers doing this..
Adrian
2009/8/8 <michel_at_casa.co.cu>:
> Hello
>
> Using squid 2.6 on my work, I have a group of users who connect by dial-up
> access to a NAS and a server freeradius to authenticate each time they log
> my users are assigned a dynamic IP address, making it impossible to create
> permissions without authentication by IP address.
>
> now to assign levels of access to sites are
> authenticating against an Active Directory, but I want to change that.
>
> I want to create a script for when you get a request to the squid from the
> block of IP addresses, run a script that reads the username and IP address
> from the server freeradius radwho tool that shows users connected + ip
> address or mysql from which you can achieve the same process
>
> and can be compared to a text file if the user is listed, then access it
> without authentication of any kind.
>
> It is possible to do this?
>
> Sorry for my english, is very poor.
>
> Thanks
>
> Michel
>
>
>
>
>
> ----------------------------------------------
> Webmail, servicio de correo electronico
> Casa de las Americas - La Habana, Cuba.
>
>
Received on Sun Aug 09 2009 - 09:10:46 MDT
This archive was generated by hypermail 2.2.0 : Mon Aug 10 2009 - 12:00:15 MDT