[squid-users] We have a big problems with Squid 3.3.8, it's a bug ?
Amos Jeffries
squid3 at treenet.co.nz
Wed Mar 30 10:56:07 UTC 2016
On 30/03/2016 9:40 p.m., Olivier CALVANO wrote:
> Hi
>
> I use:
>
> ## negotiate kerberos and ntlm authentication
> auth_param negotiate program /usr/local/bin/negotiate_wrapper --ntlm
> /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp
> --kerberos /usr/lib64/squid/squid_kerb_auth -d -s GSS_C_NO_NAME
> auth_param negotiate children 100 startup=10 idle=1
> auth_param negotiate keep_alive on
>
> ## Module d'authentification NTLM
> auth_param ntlm program /usr/bin/ntlm_auth --diagnostics
> --helper-protocol=squid-2.5-ntlmssp
> auth_param ntlm children 100 startup=10 idle=1
> auth_param ntlm keep_alive on
Try with "keep_alive off" on both of those auth methods. This does not
conflict with connection keep-alive in genral, just closes the
connection at a very specific time in the auth handshake. Without that
certain IE and Firefox can have problems authenticating properly.
Given that the client waited 20 minutes for those WU requests to happen
I doubt it is an actual user. Probably an automated WU background
process doing its thing while they happen to be logged in. Which means
the IE behaviour is relevant.
The yahoo.fr request being 1 hr long is very odd though. That is
something I'd expect to see from a real person user. But not waiting an
hour for. Could they be infected with some toolbar malware?
Amos
More information about the squid-users
mailing list