Back to Work: SQUID + Active Directory

This post doesn’t mean I haven’t been working for the last two years! Just I haven’t been in the mood to post. I want to keep adding notes to this blog so I can remember those little easy-forgetable things I spend some time figuring out so I can get back to blog in the near future and do not waste time again.

These days I have been playing with SQUID and the external ACL feature which allow the user to add some amount of customization without too many work. The syntax for those external ACL is the following:

external_acl_type <type-name> %<PARAMETER> /path/to/external/program

That’s how you define an external acl to be used afterwards. There a bunch of allowed parameters, the external program can read from the stdin, as follow:

%LOGIN
%IDENT
%SRC
%DST
%PROTO
%PORT
%METHOD
%{Header}
The external program must return “ERR” or “OK” to the stdout and restricted reduced info such as “ERR error=\”Error message\”” or “OK user=username”. Squid doesn’t allow return any other parameter, which IMHO is terrible awful!! Enabling the return of arbitrary date would increase in an order of magnitude the power of SQUID.
Why have I been using these External ACL? Because I want to be able to check data against an Active Directory. I haven’t reach really far yet, I have just configured the AD
dcpromo
and that’s all.
Update: There are a few more return parameters, but still fixed and not enough IMHO.

2 thoughts on “Back to Work: SQUID + Active Directory

Comments are closed.