[squid-users] DENIED and ALLOWED at once?
Jok Thuau
jok at spikes.com
Fri Aug 19 18:41:11 UTC 2016
On Fri, Aug 19, 2016 at 9:33 AM, Sergio Belkin <sebelk at gmail.com> wrote:
> /var/log/squid/access.log
> 192.168.50.41 - - [19/Aug/2016:12:19:45 -0300] "CONNECT
> beap-bc.yahoo.com:443 HTTP/1.1" 407 4634 "-" "Mozilla/5.0 (Windows NT
> 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0" TCP_DENIED:HIER_NONE
>
This is "unauthenticated (notice the "- -" after the IP)
> 192.168.50.41 - juan.perez [19/Aug/2016:12:19:45 -0300] "CONNECT
> beap-bc.yahoo.com:443 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1;
> WOW64; rv:41.0) Gecko/20100101 Firefox/41.0" TAG_NONE:HIER_DIRECT
>
>
This one is authenticated (juan.perez). The code 407 in the first request
means "proxy request authentication". So what happened here is that the
user browsed, was asked for credentials (and maybe those were provided
automatically), and then the request was resent with the creds included.
http_access deny !kerb_auth
> http_access allow kerb_auth whitelist_ips
>
And here is the config that causes that -- it's totally normal...
Thanks,
Jok
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160819/5587e203/attachment.html>
More information about the squid-users
mailing list