From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mauricio Silveira Subject: Squid + Special group enable NAT Access Date: Tue, 20 Mar 2007 14:52:03 -0300 Message-ID: <46001F43.8090201@linuxbr.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="------------040500030907080407000706" Return-path: Sender: linux-admin-owner@vger.kernel.org List-Id: To: linux-admin@vger.kernel.org This is a multi-part message in MIME format. --------------040500030907080407000706 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi all, I'm wondering if it is possible to make squid call an external script or binary (even better natively) to enable NAT access to specific user group. The scenario is: I have a network where everyone should have restrictions, use the proxy to surf the Internet as is an usual squid implementation. BUT, I need to allow full NAT access to stations, based on username, such an user would be the network admin. EG: if a common worker logs in, no extra NAT access will be allowed, proxy only access, blocking MSN an everything else necessary. I am an admin, inside the group "full_access" and I need full NAT access to the world, but i need this while I'm logged to a station, no matter what station I'm logged on. Logging off will remote my NAT rights for the IP. Did I make myself clear? Is it possible? Any hints? Thanks! Mauricio --------------040500030907080407000706 Content-Type: text/x-vcard; charset=utf-8; name="msilveira.vcf" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="msilveira.vcf" begin:vcard fn:Mauricio Silveira n:Silveira;Mauricio org;quoted-printable:FSN do Brasil - Consultoria em Inform=C3=A1tica;Software Development / Networking adr:;;;;;;Brazil email;internet:msilveira@linuxbr.com title:Linux Consultant / Developer tel;cell:11-9949-1040 url:http://www.fsndobrasil.com version:2.1 end:vcard --------------040500030907080407000706--