From linux-umbrella-bounces@lug.lk Thu Sep 24 10:14:28 2009 Received: from localhost.pdn.ac.lk ([127.0.0.1] helo=penguin.lug.lk) by penguin.lug.lk with esmtp (Exim 4.63) (envelope-from ) id 1Mqg7M-0000cS-0C; Thu, 24 Sep 2009 10:09:47 +0530 Received: from [192.248.40.1] (helo=hantana.pdn.ac.lk) by penguin.lug.lk with esmtp (Exim 4.63) (envelope-from ) id 1Mqg1F-0000bK-Tq for linux@lug.lk; Thu, 24 Sep 2009 10:03:29 +0530 Received: from localhost (localhost.pdn.ac.lk [127.0.0.1]) by hantana.pdn.ac.lk (Postfix) with ESMTP id B04A15C031 for ; Thu, 24 Sep 2009 10:03:04 +0530 (LKT) X-Virus-Scanned: amavisd-new at pdn.ac.lk Received: from hantana.pdn.ac.lk ([127.0.0.1]) by localhost (hantana.pdn.ac.lk [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PgQa4usDGKim for ; Thu, 24 Sep 2009 10:03:02 +0530 (LKT) Received: from kitul.learn.ac.lk (kitul.learn.ac.lk [192.248.1.163]) by hantana.pdn.ac.lk (Postfix) with ESMTP id C59AF5C02F for ; Thu, 24 Sep 2009 10:03:02 +0530 (LKT) Received: from localhost (localhost [127.0.0.1]) by kitul.learn.ac.lk (Postfix) with ESMTP id 9678817B8E0 for ; Thu, 24 Sep 2009 10:03:02 +0530 (IST) X-Virus-Scanned: amavisd-new at learn.ac.lk Received: from kitul.learn.ac.lk ([127.0.0.1]) by localhost (kitul.learn.ac.lk [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YaTDvRCLcegA for ; Thu, 24 Sep 2009 10:02:52 +0530 (IST) Received: from mail-px0-f175.google.com (mail-px0-f175.google.com [209.85.216.175]) by kitul.learn.ac.lk (Postfix) with ESMTP id 0782C17B8BE for ; Thu, 24 Sep 2009 10:02:28 +0530 (IST) Received: by pxi5 with SMTP id 5so1160052pxi.12 for ; Wed, 23 Sep 2009 21:32:27 -0700 (PDT) MIME-Version: 1.0 Received: by 10.142.75.12 with SMTP id x12mr230988wfa.157.1253766747034; Wed, 23 Sep 2009 21:32:27 -0700 (PDT) Date: Thu, 24 Sep 2009 10:02:27 +0530 Message-ID: From: tidalbobo To: linux@lug.lk, cse9899@yahoo.com Content-Type: multipart/alternative; boundary=001636e1fb5d96960404744b5106 X-BeenThere: linux-umbrella@lug.lk X-Mailman-Version: 2.1.9 Precedence: list Sender: linux-umbrella-bounces@lug.lk Errors-To: linux-umbrella-bounces@lug.lk X-Mailman-Approved-At: Mon, 28 Sep 2009 15:17:44 +0530 Subject: [linux] SQUID-LDAP problem X-BeenThere: linux@lug.lk List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Sep 2009 04:46:40 -0000 --001636e1fb5d96960404744b5106 Content-Type: text/plain; charset=ISO-8859-1 I need some help to get squid to validate user's IP taken from an (open)LDAP server. Basically, the LDAP server will have each users username, password and ip When connecting to squid, - will chec to see if user name and pass is ok against the LDAP. For this i have used auth_param basic program /usr/lib/squid/squid_ldap_auth -b "O=XXXXXXX" -f "(&(uid=%s))" -h XXXXXXXX this is ok and working nicely - Now, once the user is properly authenticated, i need squid to check the users IP with that stored in the LDAP, and allow only if they match. Any help on this? Has to be done via the IP information stored in LDAP. There seems to be lots of ways to validate the IP from a file (txt), but that is not what i need. Thanks in advance --001636e1fb5d96960404744b5106 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable I need some help to get squid to validate user's IP taken from an (open= )LDAP server.

Basically, the LDAP server will have each users=A0 use= rname, password and ip
When connecting to squid,
  • will chec to= see if user name and pass is ok against the LDAP. For this i have used
auth_param basic program /usr/lib/squid/squid_ldap_auth -b "O=3DX= XXXXXX" -f "(&(uid=3D%s))" -h XXXXXXXX
this is ok and= working nicely

  • Now, once the user is properly authenticated= , i need squid to check the users IP with that stored in the LDAP, and allo= w only if they match.
Any help on this?
Has to be done via the IP information stored in L= DAP. There seems to be lots of ways to validate the IP from a file (txt), b= ut that is not what i need.

Thanks in advance





--001636e1fb5d96960404744b5106--