Topic: SARG Reports + Squid Authentication

[cfarrier]

Hi all,

I have been looking through the forums trying to find any reference to anybody who has successfully installed SARG and Squid Authentication on SME v6.0-01.

I have a need to track users by username and total traffic downloaded per day or time frame.

Can anybody please point me in the right direction.

Thanks in advance.

Regards
Craig

[ryan]

Craig,

I monitor and watch my users with sarg on sme 5.6.  It also works on sme 6.0.  At my primary site, I use MS dhcp with a 15 day lease (bigger LAN).  This allows me to easily map sarg IP addresses to users.  

At another site, I use sme as the sme dhcp.  In this case, each client is entered as a local host into the 'hostname' on server manager (enter mac address).  This is an IP reservation from sme.  Be aware that reservations can not be included in the sme dhcp IP range.  The client name defined for the 'hostname' will appear in the sarg report.  This works best on a small LAN, as you have to enter a reservation for each client.

ryan

[Craig]

Thanks for the reply.

I have SARG running (BTW there seems to be a problem with SARG reports when you have AWStats installed) on the system but what I really require is some way to track individual users.

The server is a proxy server for a small hotel and they offer Internet access to users. They charge users for access and they get given 20MB of traffic per day. They would like to monitor each rooms traffic and then charge them any additional usage above the 20MB allocated.

I know that Proxy_Auth or Squid Authentication worked on older versions of SME but haven't seen it as a contrib for SMEServer v6.0X. This would allow me to block users access until they are given a password and account name to access the internet with. When the client leaves the account is disabled. At least this way SARG will track on username.

Does anybody have this working or got another solution for monitoring usage of web traffic.

Thanks or your help.

Regards
Craig

[ryan]

I can't help with proxy_auth or squid_auth, but I have to ask why the 20mb limit?  Just charge what you want for unlimited and give customers the password.  I stayed at the Double Tree in San Diego which offered WayPort unlimited for 9.95 per day.  Unfortunetately for Double Tree, I was able to by pass the controls and got free access during my stay...but you might consider lossing the admin burden and just let them have unlimited for a given price......

ryan

[ajkeane]

Install sme-squid-1.0-2.i386.rpm and sme-upgppp-1.0-1.noarch.rpm and you will be able to aloow usage per users set up in the server-manager panel.

Tony

[shanen]

You can monitor squid access all you like but it's not going to help you keep a track of smtp/pop/IM  traffic which is what customers are primarily going to be interested in and using. In my experience with hotels/resorts, guests just want to quickly download emails and respond if required. Then they spend a few mins goofing off and check sport/weather/news back home, then get back to their holiday.
I realise you are going to get the odd bunch that decide to visit windowsupdate.microsoft.com at your expense.
One option is to have a big old patch panel and switch in your reception or another back of house area and connect rooms as required.
Run DHCP, transparent proxy and shape traffic to a level that your wan link can handle using "CBQ" and "HTB".
Hope this helps

Shane

[Anonymous]

Thanks all for your suggestions.

I have found Squid Authentication addon which seems to work.

The clients are only going to have HTTP access to the net and everything else will be blocked.

Craig

[ztasevski]

Hi,

I am trying to track down the squid authentication module..Where did you find it Craig ?

[shanen]

Hi,

I am trying to track down the squid authentication module..Where did you find it Craig ?

Look here
http://forums.contribs.org/index.php?topic=24886.0

[ztasevski]

hi shannen,

nice one mate...downloaded it -> installed it -> tested it -> ported to the live server -> everyone happy  

On another note is there a module that is able to map static IP's to MAC's via DHCP. Installed the DHCP manager it has everything but that option ?

Zoran

[shanen]

Hi Zoran,
The proxy auth is a great addition to SME. What would be great is if you could have a check box next to the username to enable/disable internet access.

Sorry I haven't played much with the DHCP panels so I can't help you there. I do know there are at least 2 floating around.

Shane

[ztasevski]

Hi Shanen,

Such a simple solution. It's already built in !

Check up: http://forums.contribs.org/index.php?topic=25006.0

Zoran

[shanen]

Good one...
I'm glad you found a solution

Shane

[ztasevski]

Shanen,

Well ! What I was think of was this:

Assign certain computers on the network static IP & then use the e-smith-squid-restrict-ip-0.1-1 module to allow/disallow internet access...in a clik of a button  

so that gives you 2 options:

1. pc's that you do not want to get out on the net totally assign them a static ip binded to their mac and block them through squid-restrict

2. pc's that are to get out on the net get them to authenticate and monitor activity through sarg

I'll be testing it very soon & report the outcome here !

zoran