CRX Driver wrote:
For example, if requests are coming from taylor:3128 I want to
filter porn, adult, ads, and limit to approved sites only.
If requests are coming from taylor:3129 I want to filter porn,
adult, ads, and allow everything else. Taylor is a large multiuser system-
so almost all web requests for the facility come from the same IP address, taylor.
After hours of looking at config files, FAQ's, and docs, I give up. I don't think it is possible. Ideally, I would want to run one squid and two squidguards. The squid would call the appropriate squidgauard depending on the source request port.
The port information is not passed on from squid to squidGuard, and squid does not support having more than one redirect processor. So what you want to do can not be accomplished with a single squid and one (or even two) squidGuards. What you want, can be accomplished with two squids, two squidGuards - you can even make them share the same cache by making the one of the squids a child of the other, from a caching perspective, and it will request everything from the other squid process, via the usual squid mechanisms. This is not an elegant solution, but it is the first one that came to mind.
You may also consider something like an iptables or rinetd hack that will take traffic destined to your external IP on port 3129 and redirect it to the localhost on port 3128 -- then you can do it with a single squid and single squidGuard, using the usual source-ip address methods (as the source IP address for port 3129 will then be 127.0.0.1). Not the most elegant solution either, but perhaps workable, and probably faster than my first suggestion.
Aaron S. Joyner
