From owner-freebsd-isp Mon Jan 18 20:14:44 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA07066 for freebsd-isp-outgoing; Mon, 18 Jan 1999 20:14:44 -0800 (PST) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from xwin.nmhtech.com (xwin.nmhtech.com [208.138.46.10]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA07054 for ; Mon, 18 Jan 1999 20:14:42 -0800 (PST) (envelope-from nicole@xwin.nmhtech.com) Received: (from nicole@localhost) by xwin.nmhtech.com (8.8.8/8.8.7) id UAA00679; Mon, 18 Jan 1999 20:14:34 -0800 (PST) (envelope-from nicole) Message-ID: X-Mailer: XFMail 1.2 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii MIME-Version: 1.0 In-Reply-To: <36A3F1C0.B2FCF22B@basspro.com> Date: Mon, 18 Jan 1999 20:14:34 -0800 (PST) From: Nicole Harrington To: Troy Kittrell Subject: RE: Squid Cc: freebsd-isp@FreeBSD.ORG Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id UAA07056 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 19-Jan-99 My Secret Spies Reported That Troy Kittrell wrote: > I need to (ASAP, as usual) fire up a proxy server. I would prefer a > Un*x based solution rather that MS Proxy server, but need to plan for > the future. Squid seems to be the (proxy) drug of choice. That future > holds several hundred users that I'd much rather manage the > username/passwd from a centralized location (LDAP!). > I've gleaned the docs for Squid and can find nothing that indicates > that users can be authenticated from an LDAP server. LDAP seems to be > the only choice I could try to use that all of our other corporate > services (AS/400, Notes, NT Domains, Netware) can share. > The purpose of the proxy server is not actually to cache and conserve > bandwidth, but as a means to limit access from our corporate network to > the internet. So far this has been accomplished quite well by a POS/486 > runnning FreeBsd/ipfw/natd. I'm tired of adding rules to rc.firewall > plus NT Domains w/DHCP doesn't actually limit people. All they have to > do is go to a machine that gets an (ipfw) allowed address from DHCP and > they're on. > > Hints? Clues? Experiences? > Why would you want to use LDAP? Usually you filter by Ip address range. Seems odd having to enter a password to browse the web. Just my .02c Nicole > TIA!!! > -- > > Troy Kittrell > troyk@basspro.com > Internet Systems Coordinator > Bass Pro Outdoors Online > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message |\ __ /| (`\ | o_o |__ ) ) // \\ nicole@nmhtech.com | http://www.webweaver.net/ webmistress@dangermouse.org | http://www.dangermouse.org -------------------------(((---(((----------------------- - Powered by Coka Cola and FreeBSD - - Stong enough for a man - But made for a Woman - - I'm not ADD - I'm just MultiThreaded - - Microsoft: What bug would you like today? - ---------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message