squid help.
 

hi
i am worldskills compotitor in skills IT/pc and network support ,ask me in on of project that we want squid proxy server that allow users by username for using internet,50 hour per mount and all the limitation by username ? and if the user using the internet and the account will be over ,we want that disconnect from internet.(we can use every package from debian 4.0 etch) plz help me.

saeedos, hi

Squid can manage the access by username, using an "access control list",
or an "acl" as it's usually called.

The access control lists can allow/deny access to the server by time of day. So if you say that any named user can get to the internet via the SQUID server from 0930-1200 on weekdays .. that's 2.5 hrs a day, Mon-Fri, 20 weekdays (max) per month. .. that's 50hrs/month.

If they try to log on out of those hours, they simply get 'Page not available".

But if you want an 'accumulated' 50 hours per month, used at 'any time', that's a bit more tricky, and you'll have to write a script to read statistics from the appropriate SQUID logfile. SQUID maintains 7 log files, and one of them is access.log, which records the times people do things, and how long they take.

The format of the file is timestamp,responsetime, client address, returncode, transfersize, method, uri,clientidentity, etc etc etc.

The fields that will be of interest to you are timestamp (when they asked SQUID for some data), responsetime (how long SQUID took to di it), and you may also be interested in transfersize (how many bytes were handled .. some servers limit you to 100 MB per month), and client identity (if that allows you to better keep track of who's who)

You'll need to write some perl (or other language if that suits you better) to read the logs every so often, and dump accumulated times per user into a file (database?), and when a trigger point is reached (50 hours of usage in your case), the username is inactivated in the acl.

The big 'but' , of course, is that 50 hours of 'activity' is a lot.

Each transaction typically takes milliseconds. SQUID is a 'service' that just remains 'available' until called by a user. They don't 'log on' for a certain period of time, and it seems to me that that is what you are trying to limit .. a total number of hours of 'availability'

In that case, its a simple date-and-time acl, my friend. See below about configuration with WebMin.

One usually administers SQUID either by directly editing the config files, or with WebMin (see www.webmin.com). The WebMinGuide by Joe Cooper (downloadable from the site) will tell you all about it, and what is available within SQUID configuration and setup.

SQUID's home page is www.squid-cache.org, and everything you need to know is either there, including some example scripts to interpret logfiles. or in the HOWTO's. There is another interesting utility available, called Squidalyzer, from Sourceforge.

the website bumf (http://squidalyser.sourceforge.net/) reads .... "Squidalyser is a squid traffic analyser, designed to allow per-user scrutiny and analysis of squid logfiles. The program runs from a Unix system via a web browser."

This product is a utility for manageing and monitoring user access to a SQUID server. But that's what your project is to do, and would be cheating, wouldn't it?

Also .. the book "Squid-the definitive guide" from O'Reill is the best book on SQUID there is. Also see the SQUID HOWTO at the Linux Documentation Project site -> ttp://tldp.org/HOWTO/TransparentProxy.html

Please let me know if this has been helpful

Grif

blocking Websites with squid
 

I have built a Suse 10.3 box running Webmin and Squid proxy. I want to be able to only alow certian web sites for my users to goto. Is there a way to configure this through webmin?