On Wed, 6 Apr 2005, Marc Grober wrote:
I spent quite a few hours trying to get squid 2.4 stable 7 to do ident lookups. First off, though docs for 2.4 on the web site have been known to be wrong since 2002, they have not been changed and still indicate that you should set ident_lookup to on..... I did find a note where Henrik pointed out that this was not current in 2002 and indicated that the squid.conf was authoritative, but portions of the cong file for 2.4 still reference ident_lookup.
Squid-2.4 is end-of-life since September 2002.
Current maintained Squid version is Squid-2.5, with the current production release being Squid-2.5.STABLE9, and does not reference the ident_lookup directive anywhere.
More problematic was the fact that there was inadequate info on how to configure the ident_lookup_access (especially in light of the confusing text from other directives) and that though ident appears to be working on the client, the acl does not appear to be working.
the acl and ident_lookup_access is independent.
ident_lookup_access only controls if ident lookups shuold be performed in the background even if you do not use ident acls.
Additinally, the current FAQ indicates that you do not need to use the ident_lookup_access command if you have and ident acl.
correct.
doing a tcpdump on the box running squid it appears that using a browser on the remote host results in an ident query, but it does not look like the remote host is responding and the browser will be denied access.
looks like the ident server used does not like something with the ident queries sent by Squid.
Regards Henrik