On September 28, 2002 12:26 pm, Rick Matthews wrote: The reason that your request is being handled by the default acl is > easily seen in the log file entry: > > 2002-09-28 09:34:48 > [20078] pid handling the request > Request Is always "request", AFAIK > (default/none/-) (source group/destination group/-) > http://slashdot.org/ full requested url > 127.0.0.1 request received from this ip > /- - /- ident > GET http method > > squidGuard sees this request as coming from ip:127.0.0.1 / ident:-, > and checks through the source definitions: > > src neil - must be ip:127.0.0.1 AND ident:neil - no match > src lisamarie - must be ip:10.0.0.10/8 AND ident:lisamarie - no match > > So squidGuard processes the request as an unknown source, through the > default acl. > > So why didn't squid include the ident information in the request sent > to squidGuard? Are you running squid as a tranparent proxy? Ident and > transparent don't get along too well together. You might want to also > test from a different box to see if transparent proxy makes the ip > show as 127.0.0.1 for everyone.
I don't have another box test with. My proxy any my workstation are the same computer. You're saying that ident can never work for a lone workstation? Should I head back to Junkbusters or is there another way to do this? -- Neil Watson Network Administrator watson-wilson.ca
