Dang, that's it - I knew I couldn't auth with ident on a transparent proxy,
but hoped I could use it for logging.
Henrik Nordstrom wrote:
> Are you running a transparent proxy or a normal proxy?
>
> ident cannot be used in transparent proxies, as none of the known
> interception methods allows the application (i.e. Squid) to initiate
> the ident request with the correct source address.
>
> Regards
> Henrik
>
> On Thursday 27 February 2003 18.51, Chris Hobbs wrote:
>
>>I'm trying to log userids from users on a linux terminal server on
>>our squid server. I've just compiled a fresh squid-2.5.STABLE1 and
>>made sure I did not use the --disable-ident-lookups flag on
>>configure. However, including the following in my squid.conf does
>>not provide the expected results:
>>
>>acl ltsp src 10.168.12.235/255.255.255.255
>>ident_lookup_access allow ltsp
>>ident_lookup_access deny all
>>
>>I've used a packet sniffer on the squid box and I do not see a
>>request being made on port 113 at all, so it appears that squid is
>>not generating the request.
>>
>>Looking through google I found the following suggested additional
>>config to try to force ident lookups:
>>
>>acl test ident REQUIRED
>>http_access deny test !all
>>
>>This does not seem to help either. Any ideas would be greatly
>>appreciated!
>
>
-- Chris Hobbs Silver Valley Unified School District Head geek: Technology Services Coordinator webmaster: http://www.silvervalley.k12.ca.us/~chobbs/ postmaster: chobbs@silvervalley.k12.ca.us pgp: http://www.silvervalley.k12.ca.us/~chobbs/key.ascReceived on Thu Feb 27 2003 - 12:33:03 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:45 MST