Re: [squid-users] Missing username on logs when using c-icap

From: Carlos Xavier <cbastos_at_connection.com.br>
Date: Fri, 22 Oct 2010 20:24:52 -0200

Hi Amos.

Based on the configuration information I sent before, do you think I
am missing something, or should I report it as a bug?

Squid properly passes the user to c-icap, but it seems to "forget" that it is
an authenticated request and doesn't set the username in the log.

Regards
Carlos.

----- Original Message -----
From: "Carlos Xavier" <cbastos_at_connection.com.br>
To: <squid-users_at_squid-cache.org>
Sent: Wednesday, October 20, 2010 2:25 AM
Subject: Re: [squid-users] Missing username on logs when using c-icap

> Hi. Thank you for the reply.
>
> This is my squid version and how it was compiled:
>
> Squid Cache: Version 3.1.8
> configure options: '--with-maxfd=8192' '--prefix=/usr'
> '--libdir=/usr/lib64' '--sysconfdir=/etc/squid'
> '--localstatedir=/var/log/squid' '--datadir=/usr/share/squid'
> '--mandir=/usr/man' '--with-pthreads' '--enable-follow-x-forwarded-for'
> '--enable-storeio=aufs ufs diskd' '--enable-removal-policies=lru heap'
> '--enable-delay-pools' '--enable-snmp' '--enable-icap-client'
> '--enable-auth=basic ntlm digest' '--enable-basic-auth-helpers=DB LDAP
> NCSA MSNT SMB getpwnam' '--enable-digest-auth-helpers=ldap password'
> '--enable-ntlm-auth-helpers=smb_lm' '--enable-external-acl-helpers=ip_user
> ldap_group unix_group wbinfo_group' '--enable-linux-netfilter'
> '--enable-async-io' '--build=x86_64-slackware-linux'
> 'build_alias=x86_64-slackware-linux' 'CFLAGS=-O2 -fPIC'
> 'CXXFLAGS=-O2 -fPIC' --with-squid=/tmp/SBo/squid-3.1.8
>
> Here is its configuration:
>
> auth_param basic program /usr/libexec/ncsa_auth /etc/squid/passwd
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching: SEU ACESSO ESTA SENDO MONITORADO
> auth_param basic credentialsttl 2 hours
> auth_param basic casesensitive off
> acl manager proto cache_object
> acl localhost src 127.0.0.1/32
> acl localhost src ::1/128
> acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
> acl to_localhost dst ::1/128
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> acl SEARCH method SEARCH
> acl FTP proto FTP
> ...
> # Local ACLs
> acl PURGE method PURGE
> acl password proxy_auth REQUIRED
> acl localnet src 172.31.0.0/24
> ...
> acl MULTIMEDIA rep_mime_type -i ^(audio\/x-mpegurl|audio\/mpeg)$
> acl MULTIMEDIA rep_mime_type -i ^(video\/flv|video\/x-flvs)$
> acl MULTIMEDIA rep_mime_type -i ^(application\/x-shockwave-flash||application\/ogg)$
> acl MULTIMEDIA rep_mime_type -i ^(audio\/ogg|video\/ogg)$
> ...
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> http_access allow PURGE localhost
> http_access deny PURGE
> http_access allow localnet password
> http_access deny all
> http_port 3128
> hierarchy_stoplist cgi-bin ?
> cache_dir ufs /var/cache/squid/ 1000 16 256
> access_log /var/log/squid/access.log squid
> icap_log /var/log/squid/icap_access.log
> cache_store_log none
> logfile_rotate 0
> pid_filename /var/run/squid/squid.pid
> cache_log /var/log/squid/cache.log
> coredump_dir /var/log/squid
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
> refresh_pattern . 0 20% 4320
>
> icap_enable on
> icap_send_client_ip on
> icap_send_client_username on
> icap_client_username_header X-Authenticated-User
> icap_service service_av_req reqmod_precache bypass=1 icap://localhost:1344/srv_clamav
> icap_service service_av_resp respmod_precache bypass=1 icap://localhost:1344/srv_clamav
> icap_service service_url_check_req reqmod_precache bypass=1 icap://localhost:1344/url_check
> adaptation_access service_av_resp deny MULTIMEDIA
> adaptation_access service_av_resp allow all
> adaptation_service_chain REQ_CHAIN service_url_check_req service_av_req
> adaptation_access REQ_CHAIN deny MULTIMEDIA
> adaptation_access REQ_CHAIN allow all:
>
> The only change made from the normal operation mode to the use of c-icap
> was to add the icap configuration and services.
>
> Regards.
> Carlos Xavier.
>
>
> ----- Original Message -----
> From: "Amos Jeffries" <squid3_at_treenet.co.nz>
> To: <squid-users_at_squid-cache.org>
> Sent: Wednesday, October 20, 2010 12:46 AM
> Subject: Re: [squid-users] Missing username on logs when using c-icap
>
>
>> On Tue, 19 Oct 2010 15:45:56 -0200, "Carlos Xavier"
>> <cbastos_at_connection.com.br> wrote:
>>> Hi.
>>> We use SARG to generate some statistical data and also to have some
>>> control over where our authenticated users are going. This control is
>>> based on the username in the squid access log.
>>> Now we started to use c-icap to check for viruses and check the URL. Since
>>> then the username of the users doing the request is not showing in the
>>> logs anymore.
>>> Is there a way to force squid to output the username in the log?
>>>
>>> Here is the log entry without c-icap:
>>> 1287458110.628 282 187.15.127.198 TCP_MISS/200 13196 GET http://www.squid-cache.org.br/templates/mambodefault/images/banner3.swf avg DIRECT/216.59.16.196 application/x-shockwave-flash
>>>
>>> And the same access done using c-icap:
>>> 1287510188.937 6549 187.15.127.198 TCP_HIT/200 13207 GET http://www.squid-cache.org.br/templates/mambodefault/images/banner3.swf - NONE/- application/x-shockwave-flash
>>>
>>
>> Squid version? configuration?
>>
>> Amos
>>
>
>
Received on Fri Oct 22 2010 - 22:26:08 MDT
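
To measure how many requests are affected by the gap described in this thread, the access log can be scanned for entries with an empty username from clients that authenticated on other requests. This is an added example, not part of the original messages; it assumes the native `squid` log format set by `access_log ... squid` in the quoted configuration, and the function names are the example's own.

```python
from collections import defaultdict

# Fields of Squid's native "squid" logformat, in order:
# time elapsed client code/status bytes method URL user hierarchy/peer type
FIELDS = ("time", "elapsed", "client", "result", "bytes",
          "method", "url", "user", "hierarchy", "mime")

# The two entries quoted in the thread, unwrapped onto one line each.
SAMPLE = [
    "1287458110.628 282 187.15.127.198 TCP_MISS/200 13196 GET "
    "http://www.squid-cache.org.br/templates/mambodefault/images/banner3.swf "
    "avg DIRECT/216.59.16.196 application/x-shockwave-flash",
    "1287510188.937 6549 187.15.127.198 TCP_HIT/200 13207 GET "
    "http://www.squid-cache.org.br/templates/mambodefault/images/banner3.swf "
    "- NONE/- application/x-shockwave-flash",
]


def parse_line(line):
    """Return a dict for one native-format line, or None if it is too short."""
    parts = line.split()
    if len(parts) < len(FIELDS):
        return None
    return dict(zip(FIELDS, parts))


def missing_user_entries(lines):
    """Return entries logged with user "-" whose client IP appears with a
    real username elsewhere in the same log (an audit-trail gap)."""
    entries = [e for e in map(parse_line, lines) if e]
    users_by_client = defaultdict(set)
    for e in entries:
        if e["user"] != "-":
            users_by_client[e["client"]].add(e["user"])
    return [dict(e, seen_users=sorted(users_by_client[e["client"]]))
            for e in entries
            if e["user"] == "-" and users_by_client[e["client"]]]


if __name__ == "__main__":
    for gap in missing_user_entries(SAMPLE):
        print(gap["time"], gap["client"], gap["result"], gap["url"],
              "users seen from this client:", ",".join(gap["seen_users"]))
```

The `seen_users` list is only a hint: several users can share one client address, so it does not attribute the unnamed request to a specific account.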
