LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page URGENT case. Experience on Squid content filtering needed
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 06-25-2006, 01:45 AM   #1
J77
LQ Newbie
 
Registered: Jun 2006
Posts: 1

Rep: Reputation: 0
URGENT case. Experience on Squid content filtering needed

Good day,

I am under pressure from a customer, if anybody can, please help. I have to solve difficult situation.
I have internal network, 30 computers, changing users at the computers, users shall have different internet access rules, it is not possilble (customer denied it) to give each user his own login and pass to squid, because they would tell each other, so everything shold be done withou users action. They use Win XP and IE6, so no automatical configuration of proxy username and pass is possible. Only what we can is, to pre-configure proxy using Active Directory system policy, for each user - this applies to him if he loggs on anywhere.
For simplicity, lets think that users are divided into two main groups, Group1 has access to everywhere excluding adult content, gambling, etc. ; Group2 has access only to .cz domains and also not to adult content, gambling, etc.

I thought of running two proxies, on different ports, for the groups, but it seems that squid cannot run on two ports, and divide requests by it. Also I do not know which other, filetring - capable proxy use, if I will run one squid (for Group2) and other one of Group1. Please, any idea how to solve the situation would help me a lot. With many many thanks, Jaromir
 
Old 06-25-2006, 05:19 PM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
welcome to LQ!!!

yes, squid is able to use windows active directory for authentication... here's an example howto: http://kb.papercutsoftware.com/Main/...ctiveDirectory (more howtos are just a google away)...

the content-filtering would be dansguardian's domain: http://dansguardian.org/

having said that, a nice integrated solution for this type of job is smoothwall:

http://www.smoothwall.net/products/corporateguardian5/

just my ...

PS: there's no need to write "urgent" in your thread titles... all LQ users' questions enjoy the same level of priority...
Last edited by win32sux; 06-25-2006 at 05:21 PM.
 
Old 06-25-2006, 10:14 PM   #3
msound
Member
 
Registered: Jun 2003
Location: SoCal
Distribution: CentOS
Posts: 465

Rep: Reputation: 30
does the network use static or dynamic ips? my office lan has about 20 users so i use static ips which cleverly match their phone extensions

squid wouldn't need to run over two separate ports, you'd just have to create to acl's. one for each group.

there's also no need to worry about browser or group policy settings, just configure your proxy server to be transparent. the users won't even know they're going through a proxy until their web request gets blocked.

squidguard is a nice alternative to dansguardian. i also like making custom error pages that scare the crap out of the lan users
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
content filtering in sendmail joel17 Linux - Networking 1 02-02-2006 10:07 AM
Content Filtering using Squid toraghun Red Hat 3 11-10-2005 10:42 PM
Possible to get around content-filtering software? servnov Linux - Security 2 09-27-2005 07:11 AM
Content Filtering in linux? dwarf007 Linux - Security 4 07-01-2005 02:38 PM
iptables and content filtering evan1821 Linux - Security 1 06-09-2004 01:03 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:21 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration