Topic: I made two thing for e-smith

[vincent]

i made 2 thing :

- fetchmail generator manage your other mailbox 5 per users

- squid generator manage your internet acces with passwords..



all on my site

http;//www.chez.com/vinc28

[Robert Heaton]

Hi Vincent

 can't get any of the above to work in v 4.1.2 ???

[vincent]

i dont no but try if you want u can easely
remove them : rpm -e xxxx

send me a feed back

[Robert Heaton]

Vincent
We have been unable to get any of your contribs to work using the latest version of e-smith 4.1.2 we are interested in passworded access to the internet

All the best

Rob

[vincent]

sorry i have made a little error on files

it's been repared with the new version

e-smith-squid-0.1-2.i386.rpm

i hope it's work.
but can you send me your /val/log/httpd/admin_error.log

to analyse them

[Bart/K]

Hi vincent,

The squid-password module works fine on my 4.1.2 server.
If you do not use a proxy (but only Network Address Translation (NAT)), any user still can use the internet.....

So, when not using any proxy, anybody on the local network can bypass the authentication.

Any ideas on this?

Regards,
 Bart

[jose velez]

I installed you rpm for squid, do you have any instruction on how it works.

Thank You

Velez

[Bart]

i added some functionality, and vincent was so kind to update his rpm (now in version 0.2) with it.

URL for download is http://perso.wanadoo.fr/mcas/files/e-smith-squid-0.2-1.i386.rpm

Now, if - in the e-smith-manager Proxy Users page- proxy access is protected, users cannot bypass the proxy (by using NAT) to access the web.
If in the protected mode, forwarding of web access is denied, so every user that want/needs to access the internet has to use the proxy setup in his/her browser,
as well as provide a password to use the proxy i.e. surf the web.

(Oh, only www access can be (partely) protected this way. NAT is still usable for ICQ, ftp etc.)

Hope this fullfills some people's need for such a module.

Regards,  
 -B-

[jose velez]

It works great, simple to install and to use.  E-smith should make this feature standard on the next version.

I can update my antivirus without problems and the TZO clients works.

[Robert Heaton]

Great!

Works with no problems!!

Well done Vincent!!!



Rob.

[Hans van Veen]

I do not completly agree with the last statement. For some (to me unknown) reason, I can not get all 5 pop accounts active. The password of the 3rd pop account gets pushed into the password record of the 2nd account. If there is no 3rd account, the password of the 2nd gets erased.

Workarround: skip the 2nd acount setup.

Vincent, I hope you have a solution for this? (or am I the only one exeriencing this behaviour!)

[vincent]

right i have see this bug

but you can go to download the 0.2-2 version it's been repared



vincent

[Hoay Fern]

hi everyone,
i have read all the articles above.

i am new user of the E-Smith and would like have user autentication in squid proxy server.

before user can access internet, i would like ask the user login first.

i go to :http://www.chez.com/vinc28/fetchmail.html and download Squid Configurator with ipchains to block NAT (thanks Bart) :
e-smith-squid-0.2-3.i386.rpm


can anybody give me instructions what should i do after that if i save the download file in diskette ?

may i know what is NAT ?

can anybody please explains to me after we installed the e-smith-squid-0.2-3.i386.rpm and how it actually works ?

i apprecaite if someone willing to help me

if anyone have time to explain to me, u can add me at yahoo messager hoayfern@yahoo.com

thanks

hoay fern (singapore)

[Bart]

Hoay,

NAT = network address translation
 - the e-smith server translates request through to the internet
   when in server/gateway mode
 - you do not want NAT for web-access if you want to restrict them
   so we had to find some way to block NAT for web-access (port 80)

You cannot install module easily without any knowledge of the Linux-system.

For the instructions below to work, you should have a Internet-connection from the e-smith server.

 1) login into e-smith from the console (!!)
 2) user: root, password
 3) cd /tmp (you never know..)
 4) rpm -Uvh http://www.chez.com/vinc28/files/e-smith-squid-0.2-3.i386.rpm
 5) logoff

 Now start a browser on one of your client
 6) go to e-smith-manager
 7) below heading collaboration  you'll see the new entry "Proxy users"

Working as root from a console is not entirely without any risk.
Insufficient or wrong usage of the root account could give you a non-working system (unlikely if following strict instructions above)
Well, this is an *experienced* user board, so....

Good luck, Bart