On Tue, 20 Sep 2011 18:37:47 +0300, E.S. Rosenberg wrote:
> Hi,
> We are running squid 3.1 with NTLM authentication and I would like it
> if access.log were not logging the HTTP/407 responses sent by squid
> to
> the browser on every single request.
> Ideally the logging of the 407 would be something I turn on when I
> want to know if a client is failing due to auth issues but generally
> off.
>
> Why would I like the 407s not logged? Since browsers seem to not
> remember that in the last request they had to send an NTLM header so
> this request they will also need it every single request made by the
> browser seems to be go with at least one if not more HTTP/407
> responses issued by the cache, each such response is about 4k in size
> (if I read the log right) and at the end of the day when I run
> analasys on the logs I have very skewed numbers since errors that
> were
> anyhow internal are counted the same way as external page access.
> Also the 'excessive' amount of 407 traffic balloons the logfiles on
> our more used proxy to the point that much more aggressive rotation
> rules are needed.
>
> Thanks,
> Eli
Start with a check that persistent connections are enabled to both
clients and servers. The current generation of browsers are very good at
maintaining HTTP persistence when it is permitted. This by itself should
cut down the amount of 407's a lot.
If it is still a problem after that the http_status ACL type can
prevent caching by status result, or just to a particular file.
Amos
Received on Wed Sep 21 2011 - 04:15:29 MDT
This archive was generated by hypermail 2.2.0 : Wed Sep 21 2011 - 12:00:02 MDT