RE: [squid-users] Quick question about an cache.log issue

Thanks Amos, the tool (http://squid.treenet.co.nz/cf.check/) was very
....... enlightening. I think this squid newbie will work through some
of the errors and warnings before I post back. :)

Thanks

Eric Young

-----Original Message-----
From: Amos Jeffries [mailto:squid3@treenet.co.nz]
Sent: Monday, November 05, 2007 3:33 PM
To: Eric Young
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Quick question about an cache.log issue

> In my cache.log I am getting
>
>

Looks to me like:
>
> 2007/11/05 09:23:42| The request GET http://cp.slalom.com/ is DENIED,
> because it matched 'password'

someone forgot their password. or browsers first request for the item.

> 2007/11/05 09:23:42| The reply for GET http://cp.slalom.com/ is
ALLOWED,
> because it matched 'password'

remembered password, or browser passed it on this time.

> 2007/11/05 09:23:42| The request GET http://cp.slalom.com/ is DENIED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The reply for GET http://cp.slalom.com/ is
ALLOWED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The request GET http://cp.slalom.com/ is ALLOWED,
> because it matched 'ProxyUsers'
>
> 2007/11/05 09:23:42| The reply for GET http://cp.slalom.com/ is
ALLOWED,
> because it matched 'all'
>
> 2007/11/05 09:23:42| The request CONNECT cp.slalom.com:443 is DENIED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The reply for CONNECT cp.slalom.com:443 is
ALLOWED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The request CONNECT cp.slalom.com:443 is DENIED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The reply for CONNECT cp.slalom.com:443 is
ALLOWED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The request CONNECT cp.slalom.com:443 is ALLOWED,
> because it matched 'ProxyUsers'
>
> 2007/11/05 09:23:42| The request CONNECT cp.slalom.com:443 is DENIED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The reply for CONNECT cp.slalom.com:443 is
ALLOWED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The request CONNECT cp.slalom.com:443 is DENIED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The reply for CONNECT cp.slalom.com:443 is
ALLOWED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The request CONNECT cp.slalom.com:443 is DENIED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The reply for CONNECT cp.slalom.com:443 is
ALLOWED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The request CONNECT cp.slalom.com:443 is ALLOWED,
> because it matched 'ProxyUsers'
>
> 2007/11/05 09:23:42| The request CONNECT cp.slalom.com:443 is DENIED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The reply for CONNECT cp.slalom.com:443 is
ALLOWED,
> because it matched 'password'
>
> 2007/11/05 09:23:42| The request CONNECT cp.slalom.com:443 is ALLOWED,
> because it matched 'ProxyUsers'
>
>
>
> In my conf I only see two lines that have password in them
>
>
>
> # Use domain authentication (-G for domain global group)
>
> external_acl_type win_domain_group ttl=120 %LOGIN
> e:/squid/libexec/mswin_check_lm_group.exe -G
>
>
>
> # Users must be in the ProxyUsers group in AD (individual users no
> groups)
>
> acl ProxyUsers external win_domain_group ProxyAccess
>
> acl NoProxyUsers external win_domain_group NoProxyAccess
>
>
>
> # Require password for user account
>
> acl password proxy_auth REQUIRED
>
>
>
> http_access allow password ProxyUsers
>
>
>
> Do I have conflicting lines in my conf that would cause this behavior
or
> are these normal entries for cache.log?

Everything in cache.log is normal for cache.log. Whether they are normal
entries under your configuration is a more knotty question.

Without knowing the rest of the squid.conf we can't answer whether any
of
the unknown lines are conflicting.

The one access line you have listed could only cause:
 - allowed because of 'ProxyUsers'
 - denied because of 'ProxyUsers'

give
http://squid.treenet.co.nz/cf.check/ a post me the Ref:.

Amos
Received on Mon Nov 05 2007 - 17:14:45 MST