Reporting User access in squid.conf

[trodecke]

First off I apologize as I'm very much a scripting neophyte. I do however have a task ahead of me that I need to get done that I can see the steps I need to do but I don't know how to execute those steps. We're converting from a Squid proxy to a BlueCoat proxy. We use numerous ACLs in the SQUID.CONF file to list who can have access to what domains. The ACLs are relatively simple in that we have a DOMAIN-USER ACL and a DOMAIN-DEST ACL with an associated HTTP_ACCESS line that combines the two. The task at hand is to provide a list of users and what sites they have access to. The trick is that a user may be listed in more than one ACL depending on what sites they had access to. I've developed a script (might be ugly but it works) to generate the list of user names;

Code:

rm userlist-raw.txt

grep -i http_access squid.conf | grep -v "#" | cut -d' ' -f3 | grep -users | sort -u -b > outfile1

for i in $(cat outfile1)
 do
  cat $i >>userlist-raw.txt
done

sort -u -b userlist-raw.txt > userlist.txt

I've modified it to also provide a list of domains. What I can't get my head around is how to search the SQUID.CONF file for DOMAIN-USER entries and while a user's name is in the DOMAIN-USER ACL, print out a list of DOMAIN-DEST entries as well. Any help would be appreciated. TIA!

[trodecke]

For those that are interested, here's what I came up with;

Code:

for i in $(grep "\." $(grep -i http_access squid.conf | grep -v "#" | cut -d' ' -f4 | sort -u -b))

 do
  source="$(echo $i | cut -d'-' -f1)-users"
  fname="$(echo $i | cut -d':' -f2)"
  cat $source | sort -u -b > list/$fname

done

It works in my environment, your mileage may vary. One note though - if you use regular expresssions in your domain ACLs and you enter the domain names with a leading "." to cover all subdomains, you'll create a bunch of hidden files. I troubleshot the script for several hours before I did a "ls -a".