Topic: restrict user internet access

[williel]

Hi

I have changed the default settings to ask for username and password when a user whant to access the internet, but some of the users I would like to set that it cannot access the internet.

I use it as a mail server as well, so I cannot delete or disable the user.

Can someone please assist.

Thanks

[cjensen]

I have changed the default settings to ask for username and password when a user whant to access the internet

So you added user internet access restrictions???  And you now want to allow some that were restricted?

What did you use to restrict them?

Not enough information to help you...

Craig

[williel]

Hi

I have added a scrpit to ask for authentication, to access the internet, but some of that users I would like to restrict access even when entering the password

[cjensen]

Dansguardian will do what you want.

Craig

[williel]

where can I find it, because on dansguardian.org I found rpm's but non of them are for SME 7?

I have tried downloading the one for redhat 9 but it need a zlib-devel and compat-libstdc++ packages.

Please remember I am a newbie.

Thanks

[cactus]

where can I find it, because on dansguardian.org I found rpm's but non of them are for SME 7?

I have tried downloading the one for redhat 9 but it need a zlib-devel and compat-libstdc++ packages.

Please remember I am a newbie.

Thanks

Check the dungog repository: www.dungog.net.

[chris burnat]

Or, consider purchasing the commercial version released by Dungog, I know I should not make free advertizing here, but Dans can be a bit daunting (as I found out...(':cry:'), the interface provided by Dungog in their package is well worth the investment. Plug and play, almost...

[Tib]

williel

Try this contrib out ... you can block users by ip address as well as dump the cache and bypass cache for particular domains.

http://www.cooltemp.com.au/smefiles/smeserver-squidproperties-1.0.0-01.noarch.rpm

With this contrib you have to nominate the IP you want to block ... there is another contrib out there that blocks all IP's and you have to nominate the IP you want to allow.

http://www.vanhees.cc/modules.php?op=modload&name=CmodsDownload&file=index&req=viewdownloaddetails&lid=307&ttitle=smeserver-squid_restrict_ip-1.0-1.noarch.rpm

Regards,

Tib

[williel]

Hi

Is there a way to rather block the user than the PC's IP, as the each user do not have their own PC?

thanks

[bcliburn]

I know that you could do that on an earlier version of Dan's Guardian, configure user access by username and or IP.  Each computer would need an Ident server.  I am sure it's possible with the latest version of Dan's Guardian that I have (2.9.8.0) but I haven't figured out how yet.
The Ident Server I use is called 'DGTIdent'

I got that version of DG for SME7.0 by adding the dungog repository and installing it via the SME GUI installer and it has worked perfectly (Except for the user ident part)

[cjensen]

Install DG, then use this how-to:
http://www.vanhees.cc/index.php?module=ContentExpress&func=display&ceid=40&meid=

Use the "pam" option.  Then your SME users authenticate with their personal login so you can restrict individual users.

Craig

[danfulton]

The Ident Server I use is called 'DGTIdent'

So you know where I can find DGTIdent. I can not find it on google.

Cheers

Dan

[raem]

danfulton

> ...where I can find DGTIdent

search for DGID.zip

http://dansguardian.org/downloads/michaelpike/DGID.zip


see this thread
http://forums.contribs.org/index.php?topic=24886.0

[stephen noble]

>install DG, then use this how-to:
>http://www.vanhees.cc/index.php?module=ContentExpress&func=display&ceid=40&meid=

Auth is included in smeserver-dansguardian

if you want it in the base raise a NFR and convince a dev.

[root@kiwi RPMS]# rpm -ql smeserver-dansguardian
/etc/e-smith/templates/etc/squid/squid.conf/15AuthProgramNCSA
/etc/e-smith/templates/etc/squid/squid.conf/15AuthProgramPamAuth
/etc/e-smith/templates/etc/squid/squid.conf/20ACL05ProxyAuth
/etc/e-smith/templates/etc/squid/squid.conf/20ACL06IdentAuth
/etc/e-smith/templates/etc/squid/squid.conf/39http_access00pwdprotect
/etc/e-smith/templates/etc/squid/squid.conf/39http_access01ident

config setprop squid RequireAuth foo
where foo ident/nsca/pam

expand and restart
use the proxy panel

[raem]

williel & others

See the new Howto.
The current rpms support various types of auth login configured with db commands. Use Filter Groups to control access rights for different sets of users.

http://wiki.contribs.org/Dansguardian