LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 12-03-2008, 05:39 AM   #1
Proxx
LQ Newbie
 
Registered: Sep 2007
Location: Holland
Posts: 20

Rep: Reputation: 0
Squid Proxy + NTLM + squidguard problem!


Hi there, i have a Squid proxy server 2.7 with NTLM verification

before i had the same setup but then with ldap but every time i open a page it is keep asking for passwords.

the NTLM thing kick ass. i never need to logon with password but still i am authenticated!

My Setup:

Ubuntu intrepid
P4 3.2Ghz
2GB Ram
40GB HDD

my Domain is KOBENL

the squid + NTLM Part is working

but i want to exclude people van accessing the Internet.
so in my access.log from squid is the line
Code:
1228303179.455     54 172.16.1.42 TCP_MISS/200 3396 GET http://www.google.nl/ KOBENL\marco DIRECT/74.125.79.103 text/html
before with ldap there was
Code:
1228303179.455     54 172.16.1.42 TCP_MISS/200 3396 GET http://www.google.nl/ marco DIRECT/74.125.79.103 text/html
this was my old squidGuard.conf files administrator part:
Code:
source admin {
        user            marco
        user            administrator
        user            chris
}
with NTLM the usersname that is displayed in the log is

KOBENL\marco so i thought is must change the name in the squidGuard.conf
Code:
source admin {
        user            KOBENL\marco
        user            KOBENL\administrator
        user            KOBENL\chris
}
the squidGuard crashes! apparently squidguard cant use a \ in the name.
on the regular expressions list on the squidguard web page they say the if you need the \ you need to type 2 slashes like: \\

but when i change the KOBENL\marco to KOBENL\\marco

the Pipe is still broken
(squidguard crashes)

there needs to be someway that i can block DOMAIN\users1 from internet but let DOMAIN\users2 visit the web?

OR maybe theres a way to change the output of the users name bat back to normal as i did see in a post from 2006

Quote:
Originally Posted by rowellb View Post
Here's the access.log file, the first line is before NTLM authentication the second line is after.
Code:
1152863042.283 1 127.0.0.1 TCP_DENIED/407 1848 GET http://welcome.hp-ww.com/country/us/.../but_right.gif - NONE/- text/html
1152863110.079 274 127.0.0.1 TCP_MISS/200 1513 GET http://welcome.hp-ww.com/country/us/.../but_right.gif rowellb DIRECT/213.200.97.62 image/gif
Thanks.


[EDIT]------------------------------------------------------------

if you know an other linux based solution with Squid + NTLM + ContentFilter!

Like squid + NTLM + dansguarian
or an other content filter program it is also oke!

the main thing that we would like to do is block specific usernames from internet
block webpages with xx content and some social networking pages.

any help is appreciated !!!!

thanks in advance!

Last edited by Proxx; 12-03-2008 at 07:42 AM.
 
  


Reply

Tags
dansguardian, ntlm, proxy, squid, squidguard


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
squidguard is not working with squid proxy ssilayaraja Linux - Server 5 12-06-2010 06:52 PM
SQUID internet explorer 7 ntlm login problem gianpiero1978 Linux - Server 3 12-10-2008 08:24 PM
squid and AD using ntlm problem dougbourne Linux - Server 4 10-08-2008 02:46 PM
squidGuard+Squid problem ebel.velda Linux - Software 3 07-08-2007 10:09 PM
squid conf: squid failed when I type insert redirect_program /usr/bin/squidguard Niceman2005 Linux - Software 1 11-24-2004 02:29 PM


All times are GMT -5. The time now is 12:22 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration