(RADIATOR) Content filtering

Dave Kitabjian dave at netcarrier.com
Wed Feb 6 09:00:18 CST 2002 

We're getting ready to do this too.

Two approaches we have so far are:

1) Use the Filter-Id reply item. When the NAS sees this, it will load a
filter by that name that you must have already configured on that NAS
and saved. The filter is a series of rules based on protocol, IP address
block, and port. That filter will then apply to that user for the
duration of his session.

2) Tunnel. I'm just looking into this now. We might tunnel the user to a
specific box. This box will then pass all traffic besides port 80 to the
outside. But port 80 will be redirected to Squid. I think there are
Tunnel RADIUS attributes we can use to invoke this on a per-user
basis...

Dave

> -----Original Message-----
> From: Rolando Riley [mailto:rriley at ayayai.com] 
> Sent: Tuesday, February 05, 2002 8:45 AM
> To: radiator at open.com.au
> Subject: (RADIATOR) Content filtering
> 
> 
> Hi list:
> 	This is not probably a radius question although radius 
> is involved as one of the main elements. Our goal is make 
> content filtering with a software like ( smartfilter, 
> websense or squidguard) under the following scenario.
> 
> 1) A customer dials in to our ISP.
> 2) Our radius auths and accounts the user connection.
> 3) Our radius forward the user info to squid ( or any other Cache).
> 4) Squid verify the user policies for http requests against 
> SmartFilter .
> 
> 5) If SmartFilter has any matching against the user it 
> applies the filter.
>     else it lets the user browse any site.
> 
> 
> 	Does anyone have an idea or an experience  on how to 
> make this work?
> 
> 	We basically want to do content filtering as a customer service.
> 
> 
> best regards,
> 
> 
> -----------------------------------------------
> Ing. Rolando Riley
> Administrador de Sistemas Unix
> (Unix System Administrator)
> AYAYAI.COM S.A.
> Tel: (507) 265-2424 ext. 408
> -----------------------------------------------
> 
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list