Re: [squid-users] Script Check

From: <michel_at_casa.co.cu>
Date: Sun, 09 Aug 2009 14:39:33 -0400

Hello

My server freeradius users currently stored in a file on disk, but it
is best to do what I want, I can configure it to store it in mysql.

What I need is help me, explain me, guide me how can I achieve my goal.

Thanks

Michel

Adrian Chadd <adrian_at_squid-cache.org> ha escrito:

> "don't do that."
>
> As someone who did this 10+ years, I suggest you do this.
>
> * do some hackery to find out how your freeradius server stores the
> "currently logged in users". It may be in a mysql database, it may be
> in a disk file, etc, etc
> * have your redirector query -that- directly, rather than running
> radwho. When I did this 10 years ago, the radius server kept a "wtmp"
> style file with current logins which worked okish for a few dozen
> users, then sucked for a few hundred users. I ended up replacing it
> with a berkeley DB hash table to make searching for users faster.
> * then in the helper, cache the IP results for a short period (say, 5
> to 10 seconds) so frequent page accesses wouldn't result in a flurry
> of requests to the backend
> * keep the number of helpers low - you're doing it wrong if you need
> more than 5 or 6 helpers doing this..
>
>
>
> Adrian
>
> 2009/8/8 <michel_at_casa.co.cu>:
>> Hello
>>
>> Using squid 2.6 on my work, I have a group of users who connect by dial-up
>> access to a NAS and a server freeradius to authenticate each time they log
>> my users are assigned a dynamic IP address, making it impossible to create
>> permissions without authentication by IP address.
>>
>> now to assign levels of access to sites are
>> authenticating against an Active Directory, but I want to change that.
>>
>> I want to create a script for when you get a request to the squid from the
>> block of IP addresses, run a script that reads the username and IP address
>> from the server freeradius radwho tool that shows users connected + ip
>> address or mysql  from which you can achieve the same process
>>
>> and can be compared to a text file if the user is listed, then access it
>> without authentication of any kind.
>>
>> It is possible to do this?
>>
>> Sorry for my english, is very poor.
>>
>> Thanks
>>
>> Michel
>>
>>
>>
>>
>>
>> ----------------------------------------------
>> Webmail, servicio de correo electronico
>> Casa de las Americas - La Habana, Cuba.
>>
>>
>

----------------------------------------------
Webmail, servicio de correo electronico
Casa de las Americas - La Habana, Cuba.
Received on Sun Aug 09 2009 - 18:40:57 MDT

This archive was generated by hypermail 2.2.0 : Mon Aug 10 2009 - 12:00:15 MDT