[squid-users] R: [squid-users] R: Re: [squid-users] Squid: What is wrong in myacl????

Hi Henrik

Yes I'm using NTLM authentication:

auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe
external_acl_type NT_global_group %LOGIN c:/squid/libexec/mswin_check_lm_group.exe -G -c
acl DomainUsers external NT_global_group "c:/squid/etc/DomainUsers.txt"
acl Proxy_Messengers_yes external NT_global_group Proxy_Messengers_yes
acl Proxy_Internet_Ts external NT_global_group Proxy_Internet_Ts
acl Proxy_All_Open external NT_global_group Proxy_All_Open
acl Proxy_ftp_porn_block_yes external NT_global_group Proxy_ftp_porn_block_yes

Henrik I will try to read the link you suggested but before I would like to know if there is a way to write the name of acl in log file.
Example:
http://ad.it.doubleclick.net/adj/select.secondamano.it/homepage_rectangle;sz=300x250;ord=1238394311? - NONE/- text/html ACLNAME
This could be useful to troubleshoote the problem whithout rename all acl

Thanks
Marco

-----Messaggio originale-----
Da: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Inviato: mercoledì 15 novembre 2006 22.26
A: Reale Marco
Cc: squid-users@squid-cache.org
Oggetto: Re: [squid-users] R: Re: [squid-users] Squid: What is wrong in myacl????

ons 2006-11-15 klockan 15:07 +0100 skrev Reale Marco:

> The problem is that sometimes (AND APPARENTLY WITHOUT REASON)
> authentication pop-up appears even though url currently I'm browsing
> is not wrote in pornsite.txt

Are you using NTLM authentication?

> 1) User open without problem url: www.somesite.com/homepage.aspx and while he is browsing, authentication popup appears.
> 2) I NOTICED THAT PRESSING CANCEL BUTTON, USER WAS ABLE TO CONTINUE BROWSING!!! Thus...I suspected that some object (a banner, a pop-up etc...) was blocked in fact....ENTERING MY CREDENTIALS (I'm in a group with full access) a pop-up with a banner was shown.

Could also be some embedded object in the page which was denied, such as an ad or similar.

> 3) THUS....AND FINALLY....ANALYZING LOG FILE I SAW entries like this:
> 172.16.100.136 TCP_DENIED/407 2181 GET http://secure-it.imrworldwide.com/cgi-bin/m?
> TCP_DENIED/407 2349 GET
> http://ad.it.doubleclick.net/adj/select.secondamano.it/homepage_rectan
> gle;sz=300x250;ord=1238394311? - NONE/- text/html
>
> http://ad.it.doubleclick.net/adj/select.secondamano.it/homepage_rectangle is the pop-up!!!

> This problem is driving me crazy and the only solution I founded is to disable "pornsite" acl even though It isn't a solution....

You could try the FAQ "I set up my access controls, but they don't work!
why?"
<url:http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-57ab8844e9060937c4a654e1aa7568f87cb25aef>

maybe it shows some light into the problem.

Regards
Henrik
Received on Thu Nov 16 2006 - 00:28:38 MST