Hi, I install a solution Squid - dansguardian - squid and the acces log is not showing the user-logon-name and source IP. When we put NTLM and ACLs we receive access denied. Squid conf 1: cache_effective_user squid cache_effective_group squid http_port 3128 cache_dir aufs /cache 28000 16 256 pid_filename /var/run/squid/squid.pid cache_peer 127.0.0.1 parent 8080 0 no-query login=*:nopassword forwarded_for on # PASSA IP DOS CLIENTES PARA O DANSGUARDIAM hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY acl apache rep_header Server ^Apache broken_vary_encoding allow apache #access_log /var/log/squid/access_barcelona.log squid #useragent_log /var/log/squid/useragent.log # SOMENTE HABILITE PARA AUDITAR USER-AGENT DE BROWSERS log_mime_hdrs on cache_store_log none refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow all http_reply_access allow all icp_access allow all coredump_dir /usr/local/squid/var/cache dns_nameservers 10.12.0.33 10.12.0.37 [root@barcelona ~]# clear [root@barcelona ~]# cat /usr/local/squid/etc/squid.conf cache_effective_user squid cache_effective_group squid http_port 3128 cache_dir aufs /cache 28000 16 256 pid_filename /var/run/squid/squid.pid cache_peer 127.0.0.1 parent 8080 0 no-query login=*:nopassword forwarded_for on # PASSA IP DOS CLIENTES PARA O DANSGUARDIAM hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY acl apache rep_header Server ^Apache broken_vary_encoding allow apache #access_log /var/log/squid/access_barcelona.log squid #useragent_log /var/log/squid/useragent.log # SOMENTE HABILITE PARA AUDITAR USER-AGENT DE BROWSERS log_mime_hdrs on cache_store_log none refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow all http_reply_access allow all icp_access allow all coredump_dir /usr/local/squid/var/cache dns_nameservers 10.12.0.33 10.12.0.37 Squid NTLM conf 2 : cache_effective_user squid cache_effective_group squid http_port 127.0.0.1:3030 cache_dir null /dev/null pid_filename /var/run/squid/squid-ntlm.pid hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY acl apache rep_header Server ^Apache broken_vary_encoding allow apache # FAKE AUTH auth_param ntlm program /usr/local/squid/libexec/fakeauth_auth auth_param ntlm children 30 # NTLM #auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp #auth_param ntlm children 30 access_log /var/log/squid/access_barcelona.log squid cache_store_log none refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 # Busca os grupos no AD external_acl_type nt_group children=30 %LOGIN /usr/local/squid/libexec/wbinfo_group.pl # ACL Dos usuarios autenticados acl usuarios_autenticados proxy_auth REQUIRED # ACL de acesso acl webbloqueada external nt_group WEBBLOQUEADA acl webliberada external nt_group WEBLIBERADA # ACL de teste para a SESRE acl sesre external nt_group SESRE acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT #acl ntlm proxy_auth REQUIRED http_access allow localhost #http_access allow ntlm http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow usuarios_autenticados all http_access allow webliberada all http_access allow sesre all #http_access allow all #http_reply_access allow all http_reply_access allow webliberada http_reply_access allow sesre http_access deny all http_reply_access deny all icp_access allow all coredump_dir /usr/local/squid/var/cache dns_nameservers 10.12.0.33 10.12.0.37 Thanks for helping,
