Re: [squid-users] MSN problems with squid+NTLM

From: Guilherme Oliveira <guilherme.oliveira@dont-contact.us>
Date: Wed, 21 Dec 2005 16:47:21 +0000

Hi again!

I've done that and no success. I thing there is some problem in squid
or msn with authentication :-/

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 1863
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 8087 # https, snews, webmail
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 25 110 # External Mail
acl Safe_ports port 1863 # MSN
acl update-micro-dom dstdomain .microsoft.com
acl update-micro-dom dstdomain .windowsupdate.com
acl CONNECT method CONNECT

acl localhost_acl src 127.0.0.1
redirector_access deny localhost_acl
acl SSL_ports port 443 563 1863
redirector_access deny SSL_ports
http_access allow localhost

acl msnmessenger url_regex -i gateway.dll
acl msnmessenger url_regex -i RST.srf
http_access allow msnmessenger
http_access allow update-micro-dom

acl chat_external dstdomain .msn.com
acl chat_external dstdomain .hotmail.com
acl chat_external dstdomain loginnet.passport.com
always_direct allow chat_external
#never_direct allow all

acl NTLMUsers proxy_auth REQUIRED
http_access allow NTLMUsers

1135183240.828 2165 127.0.0.1 TCP_MISS/200 355 HEAD
http://gateway.messenger.hotmail.com/gateway/gateway.dll? -
DIRECT/65.54.239.21 application/x-msn-messenger
1135183241.269 440 127.0.0.1 TCP_MISS/200 356 GET
http://gateway.messenger.hotmail.com/gateway/gateway.dll? -
DIRECT/65.54.239.21 application/x-msn-messenger
1135183242.986 45704 192.168.1.36 TCP_MISS/200 389 POST
http://gateway.messenger.hotmail.com/gateway/gateway.dll? -
DIRECT/65.54.239.21 application/x-msn-messenger
1135183244.468 1414 127.0.0.1 TCP_MISS/400 334 HEAD
http://207.46.1.3/gateway/gateway.dll? - DIRECT/207.46.1.3
application/x-msn-messenger
1135183244.971 1985 192.168.1.36 TCP_MISS/200 532 POST
http://207.46.1.3/gateway/gateway.dll? - DIRECT/207.46.1.3
application/x-msn-messenger
1135183245.306 317 127.0.0.1 TCP_MISS/400 334 HEAD
http://207.46.1.3/gateway/gateway.dll? - DIRECT/207.46.1.3
application/x-msn-messenger
1135183246.013 1042 192.168.1.36 TCP_MISS/200 524 POST
http://207.46.1.3/gateway/gateway.dll? - DIRECT/207.46.1.3
application/x-msn-messenger
1135183246.390 329 127.0.0.1 TCP_MISS/200 354 HEAD
http://207.46.1.3/gateway/gateway.dll? - DIRECT/207.46.1.3
application/x-msn-messenger
1135183246.718 677 127.0.0.1 TCP_MISS/200 384 HEAD
http://loginnet.passport.com/RST.srf - DIRECT/65.54.179.192 text/html
1135183246.746 354 127.0.0.1 TCP_MISS/400 334 GET
http://207.46.1.3/gateway/gateway.dll? - DIRECT/207.46.1.3
application/x-msn-messenger
1135183248.227 2171 192.168.1.36 TCP_MISS/400 334 POST
http://207.46.1.3/gateway/gateway.dll? - DIRECT/207.46.1.3
application/x-msn-messenger
1135183248.239 1520 127.0.0.1 TCP_MISS/200 722 GET
http://loginnet.passport.com/RST.srf - DIRECT/65.54.183.192 text/html
1135183249.400 3385 192.168.1.36 TCP_MISS/000 0 POST
http://loginnet.passport.com/RST.srf - DIRECT/65.54.179.192 -

On 12/21/05, Guilherme Oliveira <guilherme.oliveira@gmail.com> wrote:
> ---------- Forwarded message ----------
> From: Kashif Ali Bukhari <kbukhari@gmail.com>
> Date: Dec 20, 2005 6:49 PM
> Subject: Re: [squid-users] MSN problems with squid+NTLM
> To: Guilherme Oliveira <guilherme.oliveira@gmail.com>
> Cc: squid-users@squid-cache.org
>
>
> bypass gateway.dll from auth program
>
> On 12/20/05, Guilherme Oliveira <guilherme.oliveira@gmail.com> wrote:
> > I have configured Squid integrated with AD/w3k using NTLM but even
> > giving DIRECT access to .msn.com+passport.com, MSN don't authenticate
> > itself.
> >
> > It's strange because it works without NTLM auth. Lots of people are
> > having this problem.
> >
> > On 12/19/05, Kashif Ali Bukhari <kbukhari@gmail.com> wrote:
> > > you did not describe your problem :P
> > >
> > > On 12/19/05, Guilherme Oliveira <guilherme.oliveira@gmail.com> wrote:
> > > > Hi !
> > > >
> > > > I've searched the FAQ, Archives, Google, ... and found a lot of people
> > > > with this problem but none valid answer or correction to the problem.
> > > > It happens when squid uses NTLM authentication while MSN tries to log on.
> > > >
> > > > Any solution ?
> > > >
> > > > Thanks.
Received on Wed Dec 21 2005 - 09:47:25 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:03 MST