Re: [squid-users] Port or switch level authorization
Thanks Amos, OK this seems to answer my question. A session helper with ttl=3 should be enough if it will return the username associated by the helper. The next thing is to block traffic if there is no username. Eliezer Eliezer Croitoru Tech Support Mobile: +972-5-28704261 Email: ngtech1...@gmail.com Zoom: Coming soon -Original Message- From: squid-users On Behalf Of Amos Jeffries Sent: Tuesday, February 9, 2021 5:30 AM To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Port or switch level authorization On 8/02/21 10:48 pm, Eliezer Croitoru wrote: > I have a Mikrotik PPPOE server and I would like to register the logged in > user on PPPOE Tunnel creation. > In the mikroitk device I have a code which can run a curl/fetch request with > the login details ie IP and username towards any server. > I was thinking about creating a PHP api that will be allowed access only > from the Mikrotik devices. > On every login the user+IP pairs will be written to a small DB. > Squid in it's turn will use an external helper to run queries against the DB > per request with small cache of 3-10 seconds. Do you mean the ext_session_sql_acl helper? > > What's the best way to pass a username so with the ip it will be logged. > The helper needs to return user= kv-pair to Squid for this to be an "authentication" rather than just authorization. That username will be logged without anything special having to be done. Amos ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Port or switch level authorization
On 8/02/21 10:48 pm, Eliezer Croitoru wrote: I have a Mikrotik PPPOE server and I would like to register the logged in user on PPPOE Tunnel creation. In the mikroitk device I have a code which can run a curl/fetch request with the login details ie IP and username towards any server. I was thinking about creating a PHP api that will be allowed access only from the Mikrotik devices. On every login the user+IP pairs will be written to a small DB. Squid in it's turn will use an external helper to run queries against the DB per request with small cache of 3-10 seconds. Do you mean the ext_session_sql_acl helper? What's the best way to pass a username so with the ip it will be logged. The helper needs to return user= kv-pair to Squid for this to be an "authentication" rather than just authorization. That username will be logged without anything special having to be done. Amos ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
[squid-users] Port or switch level authorization
I have a Mikrotik PPPOE server and I would like to register the logged in user on PPPOE Tunnel creation. In the mikroitk device I have a code which can run a curl/fetch request with the login details ie IP and username towards any server. I was thinking about creating a PHP api that will be allowed access only from the Mikrotik devices. On every login the user+IP pairs will be written to a small DB. Squid in it's turn will use an external helper to run queries against the DB per request with small cache of 3-10 seconds. What's the best way to pass a username so with the ip it will be logged. Thanks, Eliezer Eliezer Croitoru Tech Support Mobile: +972-5-28704261 Email: ngtech1...@gmail.com Zoom: Coming soon ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users