|
|
squidwall 2008-03-11 (Web Interface branch)
04-02-2008
Squidwall is a small and very fast squid redirector. It enables the administrator to build an easy-to-use Web interface for controlling user-, host-, or IP-based access to squid. It also supports filtering of Web pages containing obscene content with an advanced phrase weighting system like Dansguardian. It supports pass-through antivirus scanning with clamav, banner filtering, whitelisting and blacklisting via regular expressions or string comparison based on URLs and/or content. The default Web interface can be used by teachers for disabling, enabling, or filtering access to the Internet. License: GNU General Public License (GPL) Changes:|
|
digest_file_auth(8) System Manager's Manual digest_file_auth(8) NAME
digest_file_auth - File based digest authentication helper for Squid. Version 1.0 SYNOPSIS
digest_file_auth [-c] file DESCRIPTION
digest_file_auth is an installed binary authentication program for Squid. It handles digest authentication protocol and authenticates against a text file backend. OPTIONS
-c Accept digest hashed passwords rather than plaintext in the password file CONFIGURATION
Username database file format: - comment lines are possible and should start with a '#'; - empty or blank lines are possible; - plaintext entry format is username:password - HA1 entry format is username:realm:HA1 To build a directory integrated backend, you need to be able to calculate the HA1 returned to squid. To avoid storing a plaintext password you can calculate MD5(username:realm:password) when the user changes their password, and store the tuple username:realm:HA1. then find the matching username:realm when squid asks for the HA1. This implementation could be improved by using such a triple for the file format. However storing such a triple does little to improve security: If compromised the username:realm:HA1 combination is "plaintext equivalent" - for the purposes of digest authentication they allow the user access. Password syncronisation is not tackled by digest - just preventing on the wire compromise. AUTHOR
This program was written by Robert Collins <robertc@squid-cache.org> Based on prior work by Arjan de Vet <Arjan.deVet@adv.iae.nl> This manual was written by Robert Collins <robertc@squid-cache.org> Amos Jeffries <amosjeffries@squid-cache.org> COPYRIGHT
This program and documentation is copyright to the authors named above. Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+). QUESTIONS
Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@squid-cache.org> REPORTING BUGS
Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report. Report bugs or bug fixes using http://bugs.squid-cache.org/ Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org> Report ideas for new improvements to the Squid Developers mailing list <squid-dev@squid-cache.org> SEE ALSO
squid(8), GPL(7), The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq The Squid Configuration Manual http://www.squid-cache.org/Doc/config/ digest_file_auth(8)