$Id$

README file for ip_user_check, an external helper for the 
Squid external acl scheme.

It works by reading a pair composed by an ip address and an username
on STDIN and matching it against a configuration file.

The configuration for the external ACL should be:

external_acl_type type-name %SRC %LOGIN /path/to/ip_user_check -f /path/to/config.file

If the program finds a matching username/ip in the configuration file, 
it returns `OK', or `ERR' otherwise.

The usage for the program is:

ip_user_check -f <configuration_file>


The configuration file format is as follows:

ip_addr[/mask]		user|@group|ALL|NONE

Where ip_addr is a dotted quad format IP address, the mask
must be in dotted quad format too.

When the second parameter is prefixed with an @, the program will lookup in the
/etc/group entry for the specified username.

There are other two directives, `ALL' and `NONE', which mean "any user on this ip
address may authenticate" or "no user on this ip address may authenticate".

TODO
- Deny operator, to create `allow all but' rules
- Check for a valid user in the OS
- Accept decimal format netmasks 


--
Rodrigo Campos
rodrigo@geekbunker.org

.