Restricting sites to some users - squid

This is a discussion on Restricting sites to some users - squid ; Hi We currently run Squid that uses NTLM for our Windows users. They must be a member of the Proxy Users group in NT to be able to use the internet, works really well and allows me to restrict sites ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Restricting sites to some users

  1. Restricting sites to some users

    Hi
    We currently run Squid that uses NTLM for our Windows users. They must
    be a member of the Proxy Users group in NT to be able to use the
    internet, works really well and allows me to restrict sites via the
    denied.list file.
    I now need to allow a heap of users from remote sites that run only
    Linux to access certain sites that we permit. Where the head office
    Windows users can pretty much access what they want (exception via the
    denied.list) I want to keep these Linux users on an even shorter
    string
    My questions are
    1. Can I setup a single username that these users can use to
    authenticate to the proxy server, or would I be better off creating
    all the remote sites as individual users (for tracking purposes)?
    2. Can I then make these users only use the white.list or how can I
    restrict their ACL's to the allowed sites?

    Any suggestions would be welcome

    Regards
    Scott


  2. Re: Restricting sites to some users

    Hello Scott,

    > We currently run Squid that uses NTLM for our Windows users. They must
    > be a member of the Proxy Users group in NT to be able to use the
    > internet, works really well and allows me to restrict sites via the
    > denied.list file.
    > I now need to allow a heap of users from remote sites that run only
    > Linux to access certain sites that we permit. Where the head office
    > Windows users can pretty much access what they want (exception via the
    > denied.list) I want to keep these Linux users on an even shorter
    > string
    > My questions are
    > 1. Can I setup a single username that these users can use to
    > authenticate to the proxy server, or would I be better off creating
    > all the remote sites as individual users (for tracking purposes)?
    > 2. Can I then make these users only use the white.list or how can I
    > restrict their ACL's to the allowed sites?


    Although this is off topic, since what I have to say about your
    problem does not concern squid, but still -
    We use the safesquid free edition as proxy and application layer
    firewall. We prefer safesquid because it is easy to install and has a
    browser based GUI for management. Your problems can very easily be
    solved with safesquid. Go through the following links, if you care,
    that explains how you can granularly distribute access to users -

    http://www.safesquid.com/html/kb.php?mode=article&k=14

    http://www.safesquid.com/html/kb.php?mode=article&k=15

    Cheers
    Seans


+ Reply to Thread