Hi all, I don't know if this has already been answered but I was unable to find anything about it. I've setup squid-2.5.STABLE4 with Samba 3.0.0 using winbind for authentication. Everything works fine, except, every page accessed first enters 2 TCP_DENIED entries in the access log. I wanted to know if there is a way around this as when I add back in the following acl "acl test url_regex "/etc/blacklist" " and deny access to it, I can not get the username recorded in the access log. Below is an entry from the access.log from opening yahoo.com.
1070384877.123 9 192.168.12.50 TCP_DENIED/407 1741 GET http://www.yahoo.com/ - NONE/- text/html 1070384877.152 9 192.168.12.50 TCP_DENIED/407 1741 GET http://www.yahoo.com/ - NONE/- text/html 1070384877.456 303 192.168.12.50 TCP_MISS/200 13360 GET http://www.yahoo.com/ ELITEHOU\JIMC DIRECT/66.218.71.93 text/html 1070384878.276 7 192.168.12.50 TCP_DENIED/407 2094 GET http://srd.yahoo.com/M=264255.3922691.5448124.3540639/D=yahoo_top/S=2716149: JAM/A=1886591/N=1226/id=load_cap_lan/fv=6/0.35301091527173617/*1 - NONE/- text/html 1070384878.288 8 192.168.12.50 TCP_DENIED/407 2098 GET http://srd.yahoo.com/M=264255.3922691.5448124.3540639/D=yahoo_top/S=2716149: JAM/A=1886591/N=1226/id=load_cap_lan/fv=6/0.35301091527173617/*1 - NONE/- text/html 1070384878.312 187 192.168.12.50 TCP_MISS/304 391 GET http://switch.atdmt.com/action/PTCYahooFront ELITEHOU\JIMC DIRECT/216.39.69.71 - 1070384878.446 154 192.168.12.50 TCP_MISS/200 261 GET http://srd.yahoo.com/M=264255.3922691.5448124.3540639/D=yahoo_top/S=2716149: JAM/A=1886591/N=1226/id=load_cap_lan/fv=6/0.35301091527173617/*1 ELITEHOU\JIMC DIRECT/66.218.71.101 image/gif 1070384879.032 587 192.168.12.50 TCP_MISS/200 515 GET http://kd.barcfg.myway.com/speedbar/mySpeedbarCfg2.jsp? ELITEHOU\JIMC DIRECT/63.236.66.5 text/html Here is the relevant section of the squid.conf file: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --enable-helper-fail-open -d 10 -l auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 1 auth_param ntlm max_challenge_lifetime 20 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours I appreciate any help anyone can give me. Thanks. Jim Crippen Sr LAN Administrator Elite Transportation [EMAIL PROTECTED]
