When I look at my squid access.log, this is what I get: 1021920502.086 575 192.168.0.22 TCP_MISS/200 15943 GET http://my.yahoo.com/? - DIRECT/64.58.77.197 text/html
There is an - rather then the users name. I don't get it. I am thinking that squid is not passing that information down to squidGuard, but I don't know how to make it pass it down. I see that there is something about setting ident_lookup to on, but I cannot figure out where to do that in the squid.conf file. Sam Rick Matthews wrote: > Sam, > > Your squid access.log will show you what squid is sending to squidGuard (that > was a squid access.log that was posted for you previously). > > Here's an example from my squid access.log (logged in as 'rick'): > 1021905695.430 25 192.168.44.3 TCP_HIT/200 343 GET > http://us.i1.yimg.com/us.yimg.com/i/my/arrowdown.gif rick NONE/- image/gif > > Here's an example from my squidGuard blocked.log: > 2002-05-06 23:13:40 [24056] Request(parents/porn/-) > http://extreme-dm.com/z/?tag=killad&j=y&srw=1152&srb=16&rs=41&l= > 192.168.44.3/- rick GET > > > How do I test to see what the ident on > > this XP machine is giving squidGuard? > > If you are tracing back from squidGuard, the next question to be answered is > "Who does squid recognize the user as?", and the answer to that is in the > squid access.log. > > Hope that helps. > > Rick Matthews > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of Sam Carleton > > Sent: Sunday, May 19, 2002 5:48 PM > > To: C Falconer; squidguard > > Subject: Re: Setting up users > > > > > > I am running an identd deamon on this computer and I am logged in > > as user sam. > > Here is my log: > > > > 2002-05-19 18:43:57 [7998] Request(kids/porn-sites/-) > > http://ads.adultplex.com/banner/teen/swskn/125x125/swskn_125x125_002.gif > > 192.168.0.22/- - GET > > 2002-05-19 18:45:04 [8013] Request(kids/porn-sites/-) > > http://www.free-porn-passes.com/ezes03.html 192.168.0.22/- - GET > > > > I keep showing up as a member of the kids group, not grownups. Any > > thoughts? How > > do I test to see what the ident on this XP machine is giving squidGuard? > > > > Sam > > > > C Falconer wrote: > > > > > Obviously kids and grownups could log onto the same computers. > > > > > > In answer to the original question - is squid actually seeing the > > > ident? Look in your logs for the userID, it should be where the dash is > > > in this line > > > > > > 1021841933.371 11000 192.168.3.1 TCP_CLIENT_REFRESH_MISS/200 52314 GET > > > http://death-to-the.scriptkiddie.net/staticnzlinux.html - > > > DIRECT/203.167.253.124 text/html > > > > > > 1021841933.371 11000 192.168.3.1 TCP_CLIENT_REFRESH_MISS/200 52314 GET > > > http://death-to-the.scriptkiddie.net/staticnzlinux.html criggie > > > DIRECT/203.167.253.124 text/html > > > > > > On Sat, 2002-05-18 at 06:56, Morris Maynard wrote: > > > > FWIW it seems suspicious that the ip range is the same for both kids and > > > > grownups. Why not remove it from grownups? > > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED]]On Behalf Of Sam Carleton > > > > Sent: Friday, May 17, 2002 2:12 PM > > > > To: squidguard > > > > Subject: Setting up users > > > > > > > > > > > > I have been using squidGuard for over a year now. I would like to start > > > > using the users feature. All my clients are XP and W2K. I installed > > > > the identd that was recommended on my XP workstation and I am logged in > > > > as the user "sam", I am still being blocked. Here is part of my > > > > squidGuard.conf file: > > > > > > > > logdir /usr/local/squidGuard/log > > > > dbhome /usr/local/squidGuard/db > > > > > > > > src grownups { > > > > ip 192.168.0.0/24 > > > > user sam > > > > } > > > > > > > > src kids { > > > > ip 192.168.0.0/24 > > > > } > > > > > > > > [snip] > > > > > > > > acl { > > > > grownups { > > > > pass all > > > > } > > > > > > > > kids { > > > > pass passed-sites !porn-sites !ads-sites !gambling-sites > > > > !violence-sites !mail-sites !ms-p > > > > orn-blocked !ms-ads-blocked !ms-gambling-blocked !ms-email-blocked all > > > > } > > > > > > > > default { > > > > pass none > > > > redirect > > > > > http://devweb.miltonstreet.com/cgi-bin/blocked.cgi?reason=email2&clientaddr= > > > %a&cl > > > > > > ientname=%n&clientuser=%i&clientgroup=%s&url=%u > > > } > > > }
