Hi Henrik Yes I'm using NTLM authentication: auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe external_acl_type NT_global_group %LOGIN c:/squid/libexec/mswin_check_lm_group.exe -G -c acl DomainUsers external NT_global_group "c:/squid/etc/DomainUsers.txt" acl Proxy_Messengers_yes external NT_global_group Proxy_Messengers_yes acl Proxy_Internet_Ts external NT_global_group Proxy_Internet_Ts acl Proxy_All_Open external NT_global_group Proxy_All_Open acl Proxy_ftp_porn_block_yes external NT_global_group Proxy_ftp_porn_block_yes Henrik I will try to read the link you suggested but before I would like to know if there is a way to write the name of acl in log file. Example: http://ad.it.doubleclick.net/adj/select.secondamano.it/homepage_rectangle;sz=300x250;ord=1238394311? - NONE/- text/html ACLNAME This could be useful to troubleshoote the problem whithout rename all acl Thanks Marco -----Messaggio originale----- Da: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] Inviato: mercoledì 15 novembre 2006 22.26 A: Reale Marco Cc: squid-users@xxxxxxxxxxxxxxx Oggetto: Re: R: Re: [squid-users] Squid: What is wrong in myacl???? ons 2006-11-15 klockan 15:07 +0100 skrev Reale Marco: > The problem is that sometimes (AND APPARENTLY WITHOUT REASON) > authentication pop-up appears even though url currently I'm browsing > is not wrote in pornsite.txt Are you using NTLM authentication? > 1) User open without problem url: www.somesite.com/homepage.aspx and while he is browsing, authentication popup appears. > 2) I NOTICED THAT PRESSING CANCEL BUTTON, USER WAS ABLE TO CONTINUE BROWSING!!! Thus...I suspected that some object (a banner, a pop-up etc...) was blocked in fact....ENTERING MY CREDENTIALS (I'm in a group with full access) a pop-up with a banner was shown. Could also be some embedded object in the page which was denied, such as an ad or similar. > 3) THUS....AND FINALLY....ANALYZING LOG FILE I SAW entries like this: > 172.16.100.136 TCP_DENIED/407 2181 GET http://secure-it.imrworldwide.com/cgi-bin/m? > TCP_DENIED/407 2349 GET > http://ad.it.doubleclick.net/adj/select.secondamano.it/homepage_rectan > gle;sz=300x250;ord=1238394311? - NONE/- text/html > > http://ad.it.doubleclick.net/adj/select.secondamano.it/homepage_rectangle is the pop-up!!! > This problem is driving me crazy and the only solution I founded is to disable "pornsite" acl even though It isn't a solution.... You could try the FAQ "I set up my access controls, but they don't work! why?" <url:http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-57ab8844e9060937c4a654e1aa7568f87cb25aef> maybe it shows some light into the problem. Regards Henrik
