Matt Hyne writes:
>
> Folks,
>
> My father has a small business network with about 12-15 users and a dial-on-demand
>internet connection running from a Linux box to his local ISP.
>
> What he would like to try and do is require PC users wanting to use the web to have
>to authenticate before they can access any external webpages. This is because he
>only wants a select number of staff to have web access as it is expensive and uses
>bandwidth.
squid supports an external authentication program. there are modules
for ldap smb normal /etc/passwd etc. if there isn't one you like you
can easily write your own.
>
> Now, the first thing someone is going to say is "why don't you block the ip
>addresses of the un-authorised users' PCs" - well the staff do a lot of hot-desk work
>where they will not be using the same PC every day. Also, in other areas, 5 or 6
>people use the same PC.
>
> My question is - can this be done with squid (and transparently) and does anyone
>have an example config that I can take a look at and try to build my own.
it can be done with squid. you can NOT use it if squid is set up as a
transparent proxy. see the squid faq. if it's a normal proxy setup
it works like a charm.
Bart
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
