Date: Tue, 19 Jan 1999 07:34:41 -0600 From: Troy Kittrell <troyk@basspro.com> To: Nicole Harrington <nicole@nmhtech.com> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Squid -2 Message-ID: <36A489F1.30CE5A96@basspro.com> References: <XFMail.990118233154.nicole@nmhtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Nicole Harrington wrote:
>
>
{snip snip...}
> 3.Create the passwd file and give the passwords to your users. You can use
> apache's htpasswd program to generate and maintain the passwd file. The
> usernames in the passwd file do not need to correspond to
> system user names. You may give many people the same username and
> password combination to access your cache.
>
> There that's better...
>
> Nicole
>
>
> |\ __ /| (`\
> | o_o |__ ) )
> // \\
> nicole@nmhtech.com | http://www.webweaver.net/
> webmistress@dangermouse.org | http://www.dangermouse.org
> -------------------------(((---(((-----------------------
>
> - Powered by Coka Cola and FreeBSD -
> - Stong enough for a man - But made for a Woman -
>
> - I'm not ADD - I'm just MultiThreaded -
> - Microsoft: What bug would you like today? -
> ----------------------------------------------------------
Sure...very easy...and I've already looked at ways to create this from
a Domino/LDAP server. But I would *rather* authenticate directly from
the source of the user lists.
(and in response to your previous message) We're blocking by IP range
now. We're also using DHCP company-wide. When someone is authorized to
access the 'net, we nab the MAC address of their machine, poke that into
DHCP and assign it a specific IP address that is already allowed through
the ipfw/natd gateway. That works great for our main campus, but our
remote sites have only a single class C range. We'd either have to
assign a second class C, reserved strictly for this DHCP assignment to
allow access, or add the IP addresses one by one to ipfw. This doesn't
really work either since the remote sites authenticate at the desktop in
an NT Domain, which allows the user to log into any machine. The number
of remote sites/systems isn't so great right now that it would be
unmanageable, but our expansion plans for remote sites over just the
next three years would make it a nightmare.
--
Troy Kittrell
troyk@basspro.com
Internet Systems Coordinator
Bass Pro Outdoors Online
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?36A489F1.30CE5A96>