ext_file_userip_acl(8) System Manager's Manual ext_file_userip_acl(8)

ext_file_userip_acl - Restrict users to certain IP addresses, using a text file backend.

Version 1.0

ext_file_userip_acl [-dh] [-f file name ]

ext_file_userip_acl is an installed binary. An external helper for the Squid external acl scheme.

It works by reading a pair composed by an IP address and an username on STDIN and matching it against a configuration file.

Write debug info to stderr.
Configuration file to load.
Display the binary help and command line syntax info using stderr.

The squid.conf configuration for the external ACL should be:

external_acl_type type-name %SRC %LOGIN /path/to/ext_file_userip_acl -f /path/to/config.file

If the helper program finds a matching username/ip in the configuration file, it returns OK , otherwise it returns ERR .

The configuration file format is as follows:

ip_addr[/netmask] username|@group|ALL|NONE

Where ip_addr is a dotted quad format IP address, the netmask must be in dotted quad format too.

When the second parameter is prefixed with an @ , the program will lookup the /etc/group file entry for the specified username.

There are other two directives, ALL and NONE , which mean "any user on this IP address may authenticate" or "no user on this IP address may authenticate".

This program was written by Rodrigo Campos <rodrigo@geekbunker.org>

This manual was written by Rodrigo Campos <rodrigo@geekbunker.org> Amos Jeffries <amosjeffries@squid-cache.org>

* Copyright (C) 1996-2022 The Squid Software Foundation and contributors
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
* Please see the COPYING and CONTRIBUTORS files for details.

This program and documentation is copyright to the authors named above.

Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).

Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@lists.squid-cache.org>

Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.

Report bugs or bug fixes using http://bugs.squid-cache.org/

Report serious security bugs to Squid Bugs <squid-bugs@lists.squid-cache.org>

Report ideas for new improvements to the Squid Developers mailing list <squid-dev@lists.squid-cache.org>

squid(8), GPL(7),
The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
The Squid Configuration Manual http://www.squid-cache.org/Doc/config/