Hi there,

I'm running a Suse 8.2 server with a couple of MS XP workstations. I'd like to control the outward (and inbound) HTTP traffic of the users by limiting the daily access time per user-id. Is there any software package for Linux available with such a feature?

Dirk

Are you using the server as a gateway/router or just as a web proxy?

Not sure about by username, but for sure by IP address. You can use any firewall to do that.

By username, you might actually have to create an LDAP server or something like that for the win boxes so that they have to log onto the network and then your machine would validate the services they were allowed.

Also, you can set up a web proxy and use Dan's Guardian to filter out bad content (or any content for that matter).

Squid can do that - but it can be a fiddly thing to configure. You'd create an access control entry like (you'd need other entries for users, IP addresses, etc.):
This would allow access on a Friday from 9am to 12 noon. Then you enable the acl:
The thing is, the entries have to be in the right place in relation to the other acl entries. Fortunately you can turn up the debug level and get back plenty of info from the logs, but it's not something you do in 5 minutes unless you're familiar with this sort of thing.

Just because I'm curious, how would the squid server know who was on the windows boxes?

If there is a way to let Squid know what the user is, then it's the solution. I'm using a DHCP server and no static IP addresses (kids are demanding these day's).
Any suggestions?
(by the way the server is used as gateway and file server. It also hosts a MTA. offcourse it's all firewalled.)

The users would have to sign in to the proxy server - Squid can use authentication. There needs to be a passwd file (it can be created with the htpasswd app that comes with Apache) and the squid.conf file needs to contain something like the following in the acl lists:
and the following in the access section:
Squid supports other forms of authentication as well but that's the only one I've set up. My users have Firefox as their browser and just save the proxy username/password. Since they also have to sign in to their PC, it's only a small risk saving the proxy details.

Sounds good. I give it a try. Thanks!

I used the info at http://www.squid-cache.org/Doc/FAQ/FAQ-19.html#ss19.6 and it worked for me after a couple of attempts (I didn't read it the way they wrote it). Let me know if you have any problems

Do I need to upgrade to a more actual verion of Suse?

I don't think so - squid-2.5.STABLE9-4.1.i586.rpm is on disk 4 of my copy of SUSE 9.3

Dang - I could have sworn I read SUSE 10 in your first post. Sorry, my mistake. Possibly you can download a squid package from http://download.novell.com/index.jsp...t=hdr_download