Thanks for the tips Rick.... I have done what you said and below is the result of one request where the ident was not passed. As you can see the identReadReply looks fine but the redirectHandleRead does not include the user. Below this is a request that did work (i have turned off ACL debugging as it adds to much and I didn't think there would be any value in there.... i may be wrong)
Ofcourse... I found it difficult to replicate it now that I want it to happen!! I kept pressing F5 until one of my requests returned the ident info then I grabbed the relevant lines from the cache.log. I have included two examples of each: <--------- Not Working ------------> 2002/10/04 14:51:18| redirectStart: 'http://www.porn.com/' 2002/10/04 14:51:18| helperDispatch: Request sent to redirector #1, 42 bytes 2002/10/04 14:51:18| helperHandleRead: 110 bytes from redirector #1. 2002/10/04 14:51:18| helperHandleRead: end of reply found 2002/10/04 14:51:18| redirectHandleRead: {http://10.20.10.223/denied.php?client=10.20.10.100&user=&ur l=http://www.porn.com/ 10.20.10.100/- - GET} 2002/10/04 14:51:18| identReadReply: FD 18: Read '3159 , 8080 : USERID : WIN32 : jturner' 2002/10/04 14:51:18| redirectStart: 'http://10.20.10.223/js/deny.js' 2002/10/04 14:51:18| helperDispatch: Request sent to redirector #1, 54 bytes 2002/10/04 14:51:18| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:51:18| helperHandleRead: end of reply found 2002/10/04 14:51:18| redirectHandleRead: {} 2002/10/04 14:51:18| identReadReply: FD 18: Read '3160 , 8080 : USERID : WIN32 : jturner' 2002/10/04 14:51:18| redirectStart: 'http://10.20.10.223/logo.gif' 2002/10/04 14:51:18| helperDispatch: Request sent to redirector #1, 56 bytes 2002/10/04 14:51:18| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:51:18| helperHandleRead: end of reply found 2002/10/04 14:51:18| redirectHandleRead: {} 2002/10/04 14:51:18| redirectStart: 'http://10.20.10.223/scout.jpg' 2002/10/04 14:51:18| helperDispatch: Request sent to redirector #1, 51 bytes 2002/10/04 14:51:18| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:51:18| helperHandleRead: end of reply found 2002/10/04 14:51:18| redirectHandleRead: {} 2002/10/04 14:51:18| identReadReply: FD 19: Read '3161 , 8080 : USERID : WIN32 : jturner' 2002/10/04 14:56:19| redirectStart: 'http://www.porn.com/' 2002/10/04 14:56:19| helperDispatch: Request sent to redirector #1, 42 bytes 2002/10/04 14:56:19| helperHandleRead: 110 bytes from redirector #1. 2002/10/04 14:56:19| helperHandleRead: end of reply found 2002/10/04 14:56:19| redirectHandleRead: {http://10.20.10.223/denied.php?client=10.20.10.100&user=&ur l=http://www.porn.com/ 10.20.10.100/- - GET} 2002/10/04 14:56:19| identReadReply: FD 18: Read '3180 , 8080 : USERID : WIN32 : jturner' 2002/10/04 14:56:19| redirectStart: 'http://10.20.10.223/js/deny.js' 2002/10/04 14:56:19| helperDispatch: Request sent to redirector #1, 54 bytes 2002/10/04 14:56:19| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:56:19| helperHandleRead: end of reply found 2002/10/04 14:56:19| redirectHandleRead: {} 2002/10/04 14:56:19| identReadReply: FD 18: Read '3181 , 8080 : USERID : WIN32 : jturner' 2002/10/04 14:56:19| redirectStart: 'http://10.20.10.223/logo.gif' 2002/10/04 14:56:19| helperDispatch: Request sent to redirector #1, 56 bytes 2002/10/04 14:56:19| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:56:19| helperHandleRead: end of reply found 2002/10/04 14:56:19| redirectHandleRead: {} 2002/10/04 14:56:19| redirectStart: 'http://10.20.10.223/scout.jpg' 2002/10/04 14:56:19| helperDispatch: Request sent to redirector #1, 51 bytes 2002/10/04 14:56:19| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:56:19| helperHandleRead: end of reply found 2002/10/04 14:56:19| redirectHandleRead: {} 2002/10/04 14:56:19| identReadReply: FD 19: Read '3182 , 8080 : USERID : WIN32 : jturner' <---------------------> <--------------- Working --------------> 002/10/04 14:46:53| redirectStart: 'http://www.porn.com/' 2002/10/04 14:46:53| helperDispatch: Request sent to redirector #1, 48 bytes 2002/10/04 14:46:53| helperHandleRead: 123 bytes from redirector #1. 2002/10/04 14:46:53| helperHandleRead: end of reply found 2002/10/04 14:46:53| redirectHandleRead: {http://10.20.10.223/denied.php?client=10.20.10.100&user=jtu rner&url=http://www.porn.com/ 10.20.10.100/- jturner GET} 2002/10/04 14:46:53| redirectStart: 'http://10.20.10.223/js/deny.js' 2002/10/04 14:46:53| helperDispatch: Request sent to redirector #1, 54 bytes 2002/10/04 14:46:53| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:46:53| helperHandleRead: end of reply found 2002/10/04 14:46:53| redirectHandleRead: {} 2002/10/04 14:46:53| identReadReply: FD 18: Read '3155 , 8080 : USERID : WIN32 : jturner' 2002/10/04 14:46:53| redirectStart: 'http://10.20.10.223/logo.gif' 2002/10/04 14:46:53| helperDispatch: Request sent to redirector #1, 56 bytes 2002/10/04 14:46:53| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:46:53| helperHandleRead: end of reply found 2002/10/04 14:46:53| redirectHandleRead: {} 2002/10/04 14:46:53| redirectStart: 'http://10.20.10.223/scout.jpg' 2002/10/04 14:46:53| helperDispatch: Request sent to redirector #1, 51 bytes 2002/10/04 14:46:53| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:46:53| helperHandleRead: end of reply found 2002/10/04 14:46:53| redirectHandleRead: {} 2002/10/04 14:46:53| identReadReply: FD 19: Read '3156 , 8080 : USERID : WIN32 : jturner' 2002/10/04 14:51:54| redirectStart: 'http://www.porn.com/' 2002/10/04 14:51:54| helperDispatch: Request sent to redirector #1, 48 bytes 2002/10/04 14:51:54| helperHandleRead: 123 bytes from redirector #1. 2002/10/04 14:51:54| helperHandleRead: end of reply found 2002/10/04 14:51:54| redirectHandleRead: {http://10.20.10.223/denied.php?client=10.20.10.100&user=jtu rner&url=http://www.porn.com/ 10.20.10.100/- jturner GET} 2002/10/04 14:51:54| redirectStart: 'http://10.20.10.223/js/deny.js' 2002/10/04 14:51:54| helperDispatch: Request sent to redirector #1, 60 bytes 2002/10/04 14:51:54| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:51:54| helperHandleRead: end of reply found 2002/10/04 14:51:54| redirectHandleRead: {} 2002/10/04 14:51:54| redirectStart: 'http://10.20.10.223/logo.gif' 2002/10/04 14:51:54| helperDispatch: Request sent to redirector #1, 56 bytes 2002/10/04 14:51:54| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:51:54| helperHandleRead: end of reply found 2002/10/04 14:51:54| redirectHandleRead: {} 2002/10/04 14:51:54| redirectStart: 'http://10.20.10.223/scout.jpg' 2002/10/04 14:51:54| helperDispatch: Request sent to redirector #1, 51 bytes 2002/10/04 14:51:54| helperHandleRead: 1 bytes from redirector #1. 2002/10/04 14:51:54| helperHandleRead: end of reply found 2002/10/04 14:51:54| redirectHandleRead: {} 2002/10/04 14:51:54| identReadReply: FD 19: Read '3162 , 8080 : USERID : WIN32 : jturner' <--------------------------> The only things that appear inconsistent are the byte size sent to the redirector 42 vs 48... could this be due to squid sending/not sending the ident info??? And the fact that the ident info is actually missing going to the redirector.. 2002/10/04 14:46:53| redirectHandleRead: {http://10.20.10.223/denied.php?client=10.20.10.100&user=jtu rner&url=http://www.porn.com/ 10.20.10.100/- **jturner** GET} 2002/10/04 14:56:19| redirectHandleRead: {http://10.20.10.223/denied.php?client=10.20.10.100&user=&ur l=http://www.porn.com/ 10.20.10.100/- **-** GET} What do you make of this Rick? A problem in Squid? Cheers Jay -----Original Message----- From: Rick Matthews [mailto:[EMAIL PROTECTED]] Sent: Friday, 4 October 2002 10:17 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: ident Jay Turner wrote: > -----<snip>------- > Squid logs the ident for every request. By setting up a custom log on a > destination, I see that squidGuard only receives the ident information > sometimes. -----<snip>------- > Any ideas? -----<snip>------- I don't have the answers, but I think I can help. Add the following line to your squid.conf: 'debug_options ALL,1 28,9 29,9 30,9' (Note the spaces) Save the file and run 'squid -k reconfigure'. That will turn on the max debug level for: Section 28 - Access Control Section 29 - Redirector Section 30 - Ident (RFC 931) Fire up your browser and click a couple of links. (A couple of links gave me 2300 lines of debug data.) Comment out the debug_options line and 'squid -k reconfigure'. You'll find the information in your squid cache.log file. I really think this will identify what is happening when, and where the process is breaking down. I'd really like to hear what you find. Rick Matthews
