src/acl/external/file_userip/ext_file_userip_acl.8

   1 .if !'po4a'hide' .TH ext_file_userip_acl 8
   2 .
   3 .SH NAME
   4 ext_file_userip_acl \- Restrict users to certain IP addresses, using a text file backend.
   5 .PP
   6 Version 1.0
   7 .
   8 .SH SYNOPSIS
   9 .if !'po4a'hide' .B ext_file_userip_acl
  10 .if !'po4a'hide' .B [\-dh] [\-f
  11 file name
  12 .if !'po4a'hide' .B ]
  13 .
  14 .SH DESCRIPTION
  15 .B ext_file_userip_acl
  16 is an installed binary. An external helper for the Squid external acl scheme.
  17 .PP
  18 It works by reading a pair composed by an IP address and an username
  19 on STDIN and matching it against a configuration file.
  20 .
  21 .SH OPTIONS
  22 .if !'po4a'hide' .TP 12
  23 .if !'po4a'hide' .B \-d
  24 Write debug info to stderr.
  25 .
  26 .if !'po4a'hide' .TP
  27 .if !'po4a'hide' .B \-f file
  28 Configuration
  29 .B file
  30 to load.
  31 .
  32 .if !'po4a'hide' .TP
  33 .if !'po4a'hide' .B \-h
  34 Display the binary help and command line syntax info using stderr.
  35 .
  36 .SH CONFIGURATION
  37 .PP
  38 The
  39 .B squid.conf
  40 configuration for the external ACL should be:
  41 .if !'po4a'hide' .RS
  42 .if !'po4a'hide' .B external_acl_type type-name %SRC %LOGIN /path/to/ext_file_userip_acl -f /path/to/config.file
  43 .if !'po4a'hide' .RE
  44 .PP
  45 If the helper program finds a matching username/ip in the configuration file, it returns
  46 .B OK
  47 , otherwise it returns
  48 .B ERR .
  49 .PP
  50 The configuration file format is as follows:
  51 .if !'po4a'hide' .RS
  52 .if !'po4a'hide' ip_addr[/netmask]      username|@group|ALL|NONE
  53 .if !'po4a'hide' .RE
  54 .PP
  55 Where
  56 .B ip_addr
  57 is a dotted quad format IP address, the
  58 .B netmask
  59 must be in dotted quad format too.
  60 .PP
  61 When the second parameter is prefixed with an
  62 .B "@"
  63 , the program will lookup the
  64 .B "/etc/group"
  65 file entry for the specified username.
  66 .PP
  67 There are other two directives,
  68 .B ALL
  69 and
  70 .B NONE
  71 , which mean \(dqany user on this IP address may authenticate\(dq or \(dqno user on this IP address may authenticate\(dq.
  72 .
  73 .SH AUTHOR
  74 This program was written by
  75 .if !'po4a'hide' .I Rodrigo Campos <rodrigo@geekbunker.org>
  76 .PP
  77 This manual was written by
  78 .if !'po4a'hide' .I Rodrigo Campos <rodrigo@geekbunker.org>
  79 .if !'po4a'hide' .I Amos Jeffries <amosjeffries@squid-cache.org>
  80 .
  81 .SH COPYRIGHT
  82 .PP
  83  * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
  84  *
  85  * Squid software is distributed under GPLv2+ license and includes
  86  * contributions from numerous individuals and organizations.
  87  * Please see the COPYING and CONTRIBUTORS files for details.
  88 .PP
  89 This program and documentation is copyright to the authors named above.
  90 .PP
  91 Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
  92 .
  93 .SH QUESTIONS
  94 Questions on the usage of this program can be sent to the
  95 .I Squid Users mailing list
  96 .if !'po4a'hide' <squid-users@lists.squid-cache.org>
  97 .
  98 .SH REPORTING BUGS
  99 Bug reports need to be made in English.
 100 See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
 101 .PP
 102 Report bugs or bug fixes using http://bugs.squid-cache.org/
 103 .PP
 104 Report serious security bugs to
 105 .I Squid Bugs <squid-bugs@lists.squid-cache.org>
 106 .PP
 107 Report ideas for new improvements to the
 108 .I Squid Developers mailing list
 109 .if !'po4a'hide' <squid-dev@lists.squid-cache.org>
 110 .
 111 .SH SEE ALSO
 112 .if !'po4a'hide' .BR squid "(8), "
 113 .if !'po4a'hide' .BR GPL "(7), "
 114 .br
 115 The Squid FAQ wiki
 116 .if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
 117 .br
 118 The Squid Configuration Manual
 119 .if !'po4a'hide' http://www.squid-cache.org/Doc/config/