Hi!
Currently we are testing the new squid version 3.1.0.6. generally the squid is
working fine, but we have a problem with authenticating users with ident.
cut of squid.conf:
http_port 3128
ident_lookup_access allow all
acl CONNECT method CONNECT
acl all src all
acl permit_user ident "/usr/local/config-squid/etc/permit_user1"
http_access allow CONNECT
http_access allow manager localhost
http_access allow manager cachemanager
http_access deny manager
http_access allow messenger
http_access allow permit_user
http_access deny all
http_reply_access allow all
icp_access allow all
but on every request, the squid is trying to connect to the users ident port
there is the message
commBind: Cannot bind socket FD 12 to 172.31.19.100:3128: (98) Address already
in use
in cache.log an the user will get "access denied".
lsof is showing, that no other processes are using this port.
# lsof -i tcp:3128
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
squid 28992 suqid 55u IPv4 31976219 TCP *:squid (LISTEN)
#
Strace is showing that there is something wrong with opening socket on the
right port:
9.1.4.9 (client ip)
172.31.19.100 (server ip)
accept(55, {sa_family=AF_INET, sin_port=htons(24395),
sin_addr=inet_addr("9.1.4.9")}, [16]) = 10
getsockname(10, {sa_family=AF_INET, sin_port=htons(3128),
sin_addr=inet_addr("172.31.19.100")}, [16]) = 0
...
bind(12, {sa_family=AF_INET, sin_port=htons(3128),
sin_addr=inet_addr("172.31.19.100")}, 16) = -1 EADDRINUSE (Address already in
use)
why does squid bind his ident connect to port 3128?
The same config is working fine with squid 2.7 without any troubles.
Is this a known issue with squid 3.1.0.6 ? does anyone have the same issue?
Thanks for help!
br
Mike
-------------------------------------------
SPAR Österreichische Warenhandels-AG
Hauptzentrale
A - 5015 Salzburg, Europastrasse 3
FN 34170 a
Tel: +43 662 4470 24245
Mobile: +43 664 8159150
E-Mail: michael.kastin...@spar.at
Internet: http://www.spar.at
Wichtiger Hinweis: Der Inhalt dieser E-Mail kann vertrauliche und rechtlich
geschützte Informationen, insbesondere Betriebs- oder Geschäftsgeheimnisse,
enthalten, zu deren Geheimhaltung der Empfänger verpflichtet ist. Die
Informationen in dieser E-Mail sind ausschließlich für den Adressaten bestimmt.
Sollten Sie die E-Mail irrtümlich erhalten haben so ersuchen wir Sie, die
Nachricht von Ihrem System zu löschen und sich mit uns in Verbindung zu setzen.
Über das Internet versandte E-Mails können leicht manipuliert oder unter
fremdem Namen erstellt werden. Daher schließen wir die rechtliche
Verbindlichkeit der in dieser Nachricht enthaltenen Informationen aus. Der
Inhalt der E-Mail ist nur rechtsverbindlich, wenn er von uns schriftlich
bestätigt und gezeichnet wird.
Sollte trotz der von uns verwendeten Virus-Schutzprogramme durch die Zusendung
von E-Mails ein Virus in Ihre Systeme gelangen, haften wir nicht für evtl.
hieraus entstehende Schäden.
Wir danken für Ihr Verständnis.
Important notice: The contents of this e-mail may contain confidential and
legally protected information that is in particular related to operational and
trade secrets, which the recipient is obliged to treat as confidential. The
information in this e-mail is made available exclusively for use by the
addressee. In the event that the e-mail may have been sent to you in error, we
would ask you to kindly delete this communication from your system and to
contact us.
E-mails sent via the Internet can be easily manipulated or sent out under
someone else's name. We therefore do not accept legal liability for the
information contained in this communication. The contents of the e-mail are
only legally binding if they have been confirmed and signed by us in writing.
If, in spite of our using Antivirus protection software, a virus may have
penetrated your system through the sending of this e-mail, we do not accept
liability for any damage that may possibly arise as a result of this.
We trust that you appreciate our position.
-------------------------------------------
