Re: [squid-users] ditch squid or not?

From: Henrik Nordstrom <[email protected]>
Date: Thu, 04 Jan 2007 15:13:44 +0100

ons 2007-01-03 klockan 11:06 -0500 skrev Nick Duda:

> I want to block certain people/groups from using certain blacklists (the
> ones from urlblacklist.com) while allowing other access to them. Based
> on previous emails to the squid group and the fact that nobody answers
> or knows anything about squidguard on the squidguard mailing list
> (ironic), squidguard can't do what i want.

This is a bit hard to do when implementing access controls via the
redirector / url rewriter interface of Squid. To do this via the
redirector / url rewriter interface the helper must implement it's own
group membership lookup, separate from Squid.

There is two sane alternatives for doing this with Squid

a) Implement the missing acl types from SquidGuard in Squid (mainly the
"urllist" acl type), giving Squid the same acl processing capabilities
as SquidGuard.

b) Modify SquidGuard somewhat allowing it to be used as an external acl
helper instead.

Both approaches gives you the full powers of Squid access controls, user
identification, group memberships etc, combined with the full blacklist
matching capabilities of SquidGuard.

Regards
Henrik

Received on Thu Jan 04 2007 - 07:13:51 MST

This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:00 MST