I am in the beginning stages of doing just this but for a school. The only prerequisites for this are:
* There is not pretty web interface to add/remove users yet. * all users must have their own IP address.. (you can't use NAT or UNIX boxes to connect to squid) The code I developed is actually a patch to the SquidGuard system in the IDENT section, where it decodes the squid redirector line. What it does it takes the IP address of the client and checks it against a FLAT FILE database (which should be small to limit the overhead on squid, since its re-read on every request, to support immediate changes with out the need to SIGHUP the squid engine.) and if the IP address is in the database it changes the IDENT user to the one specified in the DB. This way you can use ACL's which check for different users and if found set the rules to change depending on every separate user. I need help from people, on this project. Is anyone interested in helping? I am not a wiz with C programming, I can do perl but C is still new to me. My patch is VERY crude, and loosely based on the IP_USER authentication (EXTERNAL ACL) code for the squid proxy, but chopped it up and incorporated it into the squidGuard engine. I am not sure how much performance overhead i took by doing it my way, but if people are willing to help in this area, i'll set up a page on sourceforge for doing it and it maintenance. I need help in these areas: ** C Code cleanup for my patch, especially in performance, but still keeping the ability to make changes IMMEDIATELY! I do not want to have to SIGHUP squid (or squidguard) to make any changes. ** Code to create the databases from yet another database or authentication system. When a user logs in, and is verified, bla bla bla, add the user. The AUTH part needs to support an expiration system, and a few other features. ** code to support the expiration of the bypass codes/accounts There is a few other areas also needed, I am doing it all now, and making progress in many areas at once, but if people are willing to help write software, it can cut the time in half or less. The idea behind its need is because It can support Transparent Proxy, since it doesn't require the SQUID username, and allows immediate changes to the ACL's. The only built in way to support this would be to re-write the squidGuard.conf file every time you needed to unblock something and SIGHUP squid/squidGuard. So if any people are interested let me know, and I'll start the ball rolling and set up a site for it. even if just for the patch now. (and hopefully someone can clean up my HORRIBLE C coding...) At 06:30 PM 07/10/2002, Andrew Falanga wrote: >Hi, > > Is there a way to override what's been set as blocked at the client > end? Say, for example, user x is blocked from site a. He attempts to > get it, and then is abruptly given the access denied page. Is there a > way of offering the option to this user to override the lock? Yes, I > know, "Doesn't this defeat the purpose of having the filter?" but I was > asked by my client so I need to know the answer. I've been looking and > reading around the web site, but found nothing thus far. > > I'm looking at implementing some kind of filtering software at a > church, and some of the web sites they will be wanting might be blocked > but don't contain off-color, or sickening, content. > >Andy > -^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^- - NOTICE - NOTICE - NOTICE - NOTICE - NOTICE - NOTICE - NOTICE - Pursuant to US Code, Title 47, Chapter 5, Subchapter II, �227, any and all unsolicited commercial E-mail sent to this address is subject to a download and archival fee in the amount of $500 US. E-mailing denotes acceptance of these terms. -^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^- W W W . W i Z K i D . O R G ~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~ Hosting Services & Security Related Information Email: [EMAIL PROTECTED] VoiceMail: 877-215-3556 (Ext: 8978) Fax: 520-447-6985 -^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^- (C)2000 WiZKiD.ORG, All rights reserved, worldwide.
