basic_radius_auth(8) System Manager's Manual basic_radius_auth(8)NAME
basic_radius_auth - Squid RADIUS authentication helper
SYNOPSIS
basic_radius_auth -f config file
basic_radius_auth -h server name port ] [-i identifier ] -w secret [-t timeout ]
DESCRIPTION
basic_radius_auth allows Squid to connect to a RADIUS server to validate the user name and password of Basic HTTP authentication.
OPTIONS -f configfile
Specifies the path to a configuration file. See the CONFIGURATION section for details on the file content.
-h server Alternative method of specifying the server to connect to
-p port Specify another server port where the RADIUS server listens for requests if different from the default RADIUS port. Normally
not specified.
-i identifier
Unique identifier identifying this Squid proxy to the RADIUS server. If not specified the IP address is used to identify the
proxy.
-w secret Alternative method of specifying the shared secret. Using the -f option with a configuration file is generally more secure and
recommended.
-t timeout RADIUS request timeout. Default is 10 seconds.
CONFIGURATION
The configuration specifies how the helper connects to RADIUS. The file contains a list of directives (one per line). Lines beginning with
a # are ignored.
server radiusserver
specifies the name or address of the RADIUS server to connect to.
secret somesecretstring
specifies the shared RADIUS secret.
identifier nameofserver
specifies what name the proxy should use to identify itself to the RADIUS server. This directive is optional.
port portnumber
Specifies the port number or service name where the helper should connect.
timeout seconds
Specifies the RADIUS request timeout.
AUTHOR
This program is written by Marc van Selm <selm@cistron.nl> Henrik Nordstrom <hno@squid-cache.org>
With contributions from many others.
This manual was written by Henrik Nordstrom <hno@squid-cache.org>
COPYRIGHT
This program and documentation is copyright to the authors named above.
Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
QUESTIONS
Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@squid-cache.org>
Or contact your favorite RADIUS list/friend if the question is more related to RADIUS than Squid.
REPORTING BUGS
Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with
your bug report.
Report bugs or bug fixes using http://bugs.squid-cache.org/
Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org>
Report ideas for new improvements to the Squid Developers mailing list <squid-dev@squid-cache.org>
SEE ALSO squid(8), GPL(7),
RFC2058 - Remote Authentication Dial In User Service (RADIUS)
The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
The Squid Configuration Manual http://www.squid-cache.org/Doc/config/
7 August 2004 basic_radius_auth(8)
Check Out this Related Man Page
ext_file_userip_acl(8) System Manager's Manual ext_file_userip_acl(8)NAME
ext_file_userip_acl - Restrict users to certain IP addresses, using a text file backend.
Version 1.0
SYNOPSIS
ext_file_userip_acl [-dh] [-f file name ]
DESCRIPTION
ext_file_userip_acl is an installed binary. An external helper for the Squid external acl scheme.
It works by reading a pair composed by an IP address and an username on STDIN and matching it against a configuration file.
OPTIONS -d Write debug info to stderr.
-f file Configuration file to load.
-h Display the binary help and command line syntax info using stderr.
CONFIGURATION
The squid.conf configuration for the external ACL should be:
external_acl_type type-name %SRC %LOGIN /path/to/ext_file_userip_acl -f /path/to/config.file
If the helper program finds a matching username/ip in the configuration file, it returns OK , otherwise it returns ERR .
The configuration file format is as follows:
ip_addr[/netmask] username|@group|ALL|NONE
Where ip_addr is a dotted quad format IP address, the netmask must be in dotted quad format too.
When the second parameter is prefixed with an @ , the program will lookup the /etc/group file entry for the specified username.
There are other two directives, ALL and NONE , which mean
AUTHOR
This program was written by Rodrigo Campos <rodrigo@geekbunker.org>
This manual was written by Rodrigo Campos <rodrigo@geekbunker.org> Amos Jeffries <amosjeffries@squid-cache.org>
COPYRIGHT
This program and documentation is copyright to the authors named above.
Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
QUESTIONS
Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@squid-cache.org>
REPORTING BUGS
Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with
your bug report.
Report bugs or bug fixes using http://bugs.squid-cache.org/
Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org>
Report ideas for new improvements to the Squid Developers mailing list <squid-dev@squid-cache.org>
SEE ALSO squid(8), GPL(7),
The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
The Squid Configuration Manual http://www.squid-cache.org/Doc/config/
ext_file_userip_acl(8)