Hi all,

I've tried posting on this in the filter (DansGuardian) message board with not much success as it seems to require more knowledge about Squid than the filtering.

I wish to use Squid alongside a custom identd client to allow me to allow/disallow Internet/Cache access to client stations based on the string returned from the identd client running on these clients. The string returned at this point is likely irrelevant. The initial plan was to have 2 instances of Squid running on the same server. Stations would connect to Squid1 which would authenticate via the identd client and control cache access. Squid1 would not cache. If allowed access, Squid1 would direct stations to an instance of DansGuardian running on the same server which would in turn connect to a second instance of squid which handled caching (call this Squid2). The plan was to use ACL's (and 4 custom ACL's) on Squid1 to handle 4 instances of DansGuardian, each running a different filter config so in effect we could direct a station to the relevant filter allowing us to run different filter levels for different user groups. Hope this makes sense so far? It was planned to be set up as "station -> Squid1(auth) -> DansGuardian(1-4) -> Squid2(cache)". DansGuardian appears to Squid as an upstream parent proxy running on 127.0.0.1 with a port chosen by me eg 8080.

After discussion it was suggested by a few people that the above can be done with a single instance of Squid as opposed to two seperate ones. I've been playing with this sugestion for a good few days now with no success. I can happily get this setup running as "station -> DansGuardian -> Squid" but can't quite suss out the ACL's to allow this to work as "station -> Squid -> DansGuardian -> Squid".

In the majority of usage cases, the server would also have a true upstream proxy/cache aswell. We're currently using Debian and hoped to stick with stable releases of packages so the use of a single Squid is the best way to accomplish this as we wouldn't need to create our own package of Squid to allow us to use a second instance and then have to maintain this extra package alongside the Debian stable one. I'm currently trying to get this working with a single DansGuardian instance and get this working before I move on to having a further 3 instances to allow for the different filter levels.

So, my questions at last!

1) Is the use of a single Squid instance do-able for the situation described?
2) If it is possible is anyone willing to give me a hint as to what my ACL setup may need to be?
3) Can we use a single installation of Squid and start 2 instances with different squid.conf files?


Sincere thanks for any response to this. Once we get this sorted and running in either way we can move on to the management console!

Regards,

nry

_________________________________________________________________
Express yourself with cool emoticons - download MSN Messenger today! http://www.msn.co.uk/messenger


Reply via email to