I wrote a post to squid-dev a couple months ago which covered this issue - we should use different logging codes for the authentication procedure rather than just TCP_DENIED. Opinion was positive; but I haven't any time to get it done. (Anyone want a mini-project?)
What section(s) of the source code handles this? Chris -- Chris Nighswonger Network & Systems Director Foundations Bible College & Seminary www.foundations.edu www.fbcradio.org