Internal vs external email

Corey Edwards tensai at zmonkey.org
Thu Jan 26 08:31:08 MST 2006


On Thu, 2006-01-26 at 08:19 -0700, Stephen Smith wrote:
> The only thing I know about Squid is that it is an internet proxy.
> How does it selectively block internet access without knowning the
> clients IP address (DHCP would issue different addresses each day).
> Can it block by MAC address?  From the email point of view, I can see
> that it could block by the sender's address, but I am at a loss as to
> how it would block internet access.

If you really want the finest grained access control you'll want to look
at SOCKS. Squid is an HTTP proxy, while SOCKS is a protocol to proxy any
connection. You can then write all sorts of detailed rules about who can
access which protocol from such and such machine at this time, etc.
<sarcasm>Boy do I wish I could micromanage my company's Internet
access.</sarcasm>

SOCKS requires a username and password to gain access. Squid can be set
up that way as well, without much trouble. It can also use ident to
query the source machine for the logged in user.

> Frankly, I find that the restrictions make my job excessively
> difficult, it would be better to have the ability to view what is
> being accessed on the web by each computer.  Does Squid have a UI that
> makes viewing by computer easy or is there add-on tools to view the
> logs and cache by machine name, MAC or IP?

I've used Calamaris and it works OK. I don't know of any generic tools
to do real-time log analysis, but I haven't looked too closely either.
It shouldn't be hard to parse the log and stick it in a database fronted
by a simple web app.

Corey

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://plug.org/pipermail/plug/attachments/20060126/91720e32/attachment.bin 


More information about the PLUG mailing list