RE: [squid-users] Wb_ntlmauth breaks persistant_request_timeout?

Henrik,
The work-around seemed to work when persistent connections are required for forms. However, it only solved half of the pages that die. The other pages, as stated before are .jsp and .asp. Right now I am on Support.Nokia.com and cruising around in their Secure Knowledge database. It is over an SSL connection. There is no time associated with these connections. They will just die randomly. I have ran tcpdump and watched the communication between my pc and squid and squid to the site. I have also run winbindd -I -d 5 and watched the wb_ntlmauth authenticate. When the page dies, this is what I see:
1. No traffic between squid and the www server

2. A GET from my pc to squid, then a bunch of resets from squid
15:46:10.237360 172.30.40.9.4837 > 172.30.40.129.webcache: P 26148:26696(548) ack 392302 win 63914 (DF)
15:46:10.237400 172.30.40.129.webcache > 172.30.40.9.4837: R 3142048205:3142048205(0) win 0 (DF)
15:46:10.240155 172.30.40.9.4881 > 172.30.40.129.webcache: P 7478:8026(548) ack 97709 win 63140 (DF)
15:46:10.240168 172.30.40.129.webcache > 172.30.40.9.4881: R 3246741445:3246741445(0) win 0 (DF)
15:46:10.242944 172.30.40.9.4884 > 172.30.40.129.webcache: P 4283:4831(548) ack 39913 win 63896 (DF)
15:46:10.242955 172.30.40.129.webcache > 172.30.40.9.4884: R 3274480944:3274480944(0) win 0 (DF)
15:46:10.322882 172.30.40.9.4888 > 172.30.40.129.webcache: P 2130:2682(552) ack 2949 win 63051 (DF)
15:46:10.322927 172.30.40.129.webcache > 172.30.40.9.4888: R 3278875919:3278875919(0) win 0 (DF)
15:46:10.330602 172.30.40.9.4889 > 172.30.40.129.webcache: P 2129:2681(552) ack 3075 win 62925 (DF)
15:46:10.330613 172.30.40.129.webcache > 172.30.40.9.4889: R 3283117104:3283117104(0) win 0 (DF)
15:46:10.338955 172.30.40.9.4857 > 172.30.40.129.webcache: P 19720:20272(552) ack 123192 win 62913 (DF)
15:46:10.338968 172.30.40.129.webcache > 172.30.40.9.4857: R 3165722545:3165722545(0) win 0 (DF)
15:46:17.518763 172.30.40.9.4891 > 172.30.40.129.webcache: P 1279:1754(475) ack 2279 win 63721 (DF)
15:46:17.518811 172.30.40.129.webcache > 172.30.40.9.4891: R 3287382486:3287382486(0) win 0 (DF)

3. No winbindd activity (probably because it's still reusing the last auth)

4. access.log shows the following for that get:
1057873610.209 30424 172.30.40.9 TCP_MISS/200 529 CONNECT support.nokia.com:443 DOMAIN\USER DIRECT/192.100.104.50 -
1057873610.219 30406 172.30.40.9 TCP_MISS/200 511 CONNECT support.nokia.com:443 DOMAIN\USER DIRECT/192.100.104.50 -
1057873610.420 30309 172.30.40.9 TCP_MISS/200 567 CONNECT support.nokia.com:443 DOMAIN\USER DIRECT/192.100.104.50 -
1057873610.429 30291 172.30.40.9 TCP_MISS/200 537 CONNECT support.nokia.com:443 DOMAIN\USER DIRECT/192.100.104.50 -

I don't know how else to T-shoot this. Is there any other way to put squid in a detailed debug and interactive mode?

Just to refresh your memory:
Client: IE6.0 SP-1
Server: RH9.0
Squid: 2.5.3
Auth: wb_group and wb_ntlmauth

Thanks for your help.

-Mark

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Monday, July 07, 2003 10:02 AM
To: Mark Pelkoski
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Wb_ntlmauth breaks persistant_request_timeout?

mån 2003-07-07 klockan 16.55 skrev Mark Pelkoski:
> This appears to be a bug to me. I have 800 users and many of them are
> complaining about this. I am trying to get rid of our M$ proxy servers
> for other reasons mentioned in past postings. Please help with this. I
> can provide .conf files and ethereal dumps if requested. I have
> duplicated this on two different servers. TIA.

>From your description it sound like you are bitten by

  Bug #267 Form POSTing troubles with NTLM authentication
  <url:http://www.squid-cache.org/bugs/show_bug.cgi?id=267>

If this is your problem then as a workaround you can try allowing POST requests without requiring authentication.

Regards
Henrik

-- 
Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org
Please consult the Squid FAQ and other available documentation before asking Squid questions, and use the squid-users mailing-list when no answer can be found. Private support questions is only answered for a fee or as part of a commercial Squid support contract.
If you need commercial Squid support or cost effective Squid and firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.com