On Sat, 05 Oct 2013 03:21:37 +1300
Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> Move your DG rules into squid.conf rules?
> The current Squid integrate with clamav via ICAP for realtime streamed
> scanning, and the rest of your policies just seem to be ways of setting
> up the ACLs.
>
> Amos
I am advancing into replacement of NTLM/dansguardian with kerberos/squid
and icap and mapped AD groups with help of LDAP authorization, but there
are a few things for which I haven't find solution so far:
1. More informative error messages for users (similar to squidclamav), which
would contain IP address, username, access group of user, detailed reason
for not serving content (eg. name of access list).
2. I have a group for which social networks and online video are forbidden.
But nowadays facebook and youtube placeholders are integrated into a lot
of sites. When users visit those sites they see a lot of squid cache denied
pages. Dansguardian has (visually) elegant solution for blocking dstdomains
as "ADs" category. Iframes and placeholders which embed content from those
sites are then replaced with "advert blocked" text. I have tried adzapper
but it doesn't solve my problem as I do not want to zap certain sites globally,
but only to some groups of users.
Any advices?
-- Marko CupaćReceived on Tue Oct 15 2013 - 12:51:33 MDT
This archive was generated by hypermail 2.2.0 : Tue Oct 15 2013 - 12:00:06 MDT