Squid / ident / dansguardian

REMY Julien · *nix forums beginner Joined: 16 May 2006 Posts: 5

Bonjour,

Somebody advised me to position DansGuardian between Squid and Internet
(instead of placing it between customers and Squid). That requires to
configure Squid so that it makes call to DansGuardian as with a proxy
relative. The stations will be connected then directly to Squid, it
will allow to use all the functionalities of authentification and of
ACLs de Squid.

Do you have a small idea? Can you explain to me how to make?

Thank you

Hello,

REMY Julien · *nix forums beginner Joined: 16 May 2006 Posts: 5

When Ident turns, normally I should not authenticate myself because I am in the ACL ident. Of course, I put in my navigator the port of dansguardian (8081). If I stopped Ident I must normally authenticate myself. However it is not the case. It's my problem.

I use Dansguardian because it is a good software of filtering of contents of Web pages. It is a good means of safety for the company.

ACL ServiceInfo ident /etc/squid/listeUtilisateurs
ACL authenticate proxy_auth REQUIRED

http_access allow ServiceInfo
http_access allow authenticate
http_access deny all

Then I configured my external authenticator (auth_param basic program msntauth). msntauth functions, I tested it thanks to the order /

/usr/lib/squid/msntauth
Util Password
OK

-----Message d'origine-----
De : Peter Albrecht [mailto:peter.albrecht@novell.com]
Envoyé : mardi 16 mai 2006 14:24
À : REMY Julien
Objet : Re: [squid-users] Squid / ident / dansguardian

Hello,

REMY Julien · *nix forums beginner Joined: 16 May 2006 Posts: 5

Hello

I removed the file msntauth.allowusers. Only the users present in the ACL UtilAutorises Ident are taken into account.

If I go on Internet, that functions but when I stopped the service Ident, I should not authenticate myself. It is always the same problem.

Peter Albrecht · *nix forums beginner Joined: 17 Mar 2005 Posts: 18

Hello,

I'm not sure if I got everything correctly ...

REMY Julien · *nix forums beginner Joined: 16 May 2006 Posts: 5

hello

I am French

I would like to know if Dansguardian functions with Ident because my
problem my problem is as follows.

I set up a proxy with Squid (version 2.5) and Dansguardian (version
2. Cool

. Each station Windows customer has a service Ident (version
1.1.0).I chose like mode of authentification msnt_auth. I use the OS
Redhat ES4 (core: 2.6.9-11.EL).

In the file squid.conf, I specified the following ACL :

ACL ServiceInfo ident listeUtilisateurs
http_access allow ServiceInfo

In the file of configuration of msnt (msntauth.allowusers), I specified
the list of the authorized users.

Thus normally, if the Ident service turns on my machine and that I am in
the ACL ServiceInfo and the file msntauth.allowusers, I can reach
Internet without me to authenticate. However it is not the case.

I tried in the file dansguardian.conf to specify 127.0.0.1 for the field
proxyip and I do not require more to authenticate to me to reach to
Internet, but on the other hand, if I kill the service Ident, I can
reach the Net without authentification. That is thus not normal.

What I would like, it is that when a user present in the ACL and the
file of msnt and having Ident who turn, it can reach the Net without
authentification. On the other hand, the other users will have to
authenticate themselves

Thank you for your assistance

Google