We're getting ready to do this too. Two approaches we have so far are:
1) Use the Filter-Id reply item. When the NAS sees this, it will load a filter by that name that you must have already configured on that NAS and saved. The filter is a series of rules based on protocol, IP address block, and port. That filter will then apply to that user for the duration of his session. 2) Tunnel. I'm just looking into this now. We might tunnel the user to a specific box. This box will then pass all traffic besides port 80 to the outside. But port 80 will be redirected to Squid. I think there are Tunnel RADIUS attributes we can use to invoke this on a per-user basis... Dave > -----Original Message----- > From: Rolando Riley [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, February 05, 2002 8:45 AM > To: [EMAIL PROTECTED] > Subject: (RADIATOR) Content filtering > > > Hi list: > This is not probably a radius question although radius > is involved as one of the main elements. Our goal is make > content filtering with a software like ( smartfilter, > websense or squidguard) under the following scenario. > > 1) A customer dials in to our ISP. > 2) Our radius auths and accounts the user connection. > 3) Our radius forward the user info to squid ( or any other Cache). > 4) Squid verify the user policies for http requests against > SmartFilter . > > 5) If SmartFilter has any matching against the user it > applies the filter. > else it lets the user browse any site. > > > Does anyone have an idea or an experience on how to > make this work? > > We basically want to do content filtering as a customer service. > > > best regards, > > > ----------------------------------------------- > Ing. Rolando Riley > Administrador de Sistemas Unix > (Unix System Administrator) > AYAYAI.COM S.A. > Tel: (507) 265-2424 ext. 408 > ----------------------------------------------- > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. > === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
