Henrik Nordstrom wrote:
Tue 2007-05-01 at 23:41 +0100, Gareth Edmondson wrote:
Thanks for the advice here. I read about this name= option earlier in
the archives - but I got the impression from previous posters that it
was in version 3 of squid and not the stable version that ships with
Debian Etch. The stable version is 2.6.5-6.
It's in 2.6 and later.
cache_peer_access sslproxy allow CONNECT
cache_peer_access sslproxy deny all
cache_peer_access <original upstream name> deny CONNECT
cache_peer_access <original upstream name> allow all
I'm not sure they are in the right order.
Looks fine.
Order of cache_peer_access is important, but only per peer. The order of
the peers is not important.
Everything seems to be working. However when we try and connect to the
443 website it challenges us again for the AD username and password.
Upon entering this the browser challenges us again and again and again -
simply not letting us through.
One more thing, have you added trust between Squid and the peer for
forwarding of proxy authentication? See the login option to cache_peer.
Regards
Henrik
Here is an extract of my access.log file - what is the difference
between a HIT and a MISS in this scenario?
1178111113.463 0 127.0.0.1 TCP_HIT/200 506 GET http://communities.rm.com/forums/skins/communities/images/message_gradient_header.gif - NONE/- image/gif
1178111113.515 53 127.0.0.1 TCP_MISS/404 1952 GET http://communities.rm.com/favicon.ico - DEFAULT_PARENT/webcluster.education.swansea.sch.uk text/html
1178111115.152 111 127.0.0.1 TCP_MISS/302 1302 GET http://communities.rm.com/forums/member/default.aspx - DEFAULT_PARENT/webcluster.education.swansea.sch.uk text/html
1178111115.198 3 127.0.0.1 TCP_MISS/000 3112 CONNECT communities.rm.com:443 - DEFAULT_PARENT/proxyssl -
1178111118.229 3 127.0.0.1 TCP_MISS/000 3112 CONNECT communities.rm.com:443 - DEFAULT_PARENT/proxyssl -
1178111121.481 3 127.0.0.1 TCP_MISS/000 3112 CONNECT communities.rm.com:443 - DEFAULT_PARENT/proxyssl -
You can see clearly where I have attempted to access a 443 website - yet
it still asks me to authenticate against the AD with my username and
password. The problem must lie with my authentication modules.
GJE
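
Added example, not part of the original posts: a small parser for Squid's native access.log format, run over the entries quoted in the thread, that shows which peer each request was sent to and flags repeated CONNECTs to the same target. The 10-second window and the threshold of 3 are assumptions chosen for this sample, and treating such a burst as a sign of repeated authentication prompts is a heuristic.

```python
import re
from collections import Counter, defaultdict

# Native format: time elapsed client code/status bytes method URL ident hierarchy/peer type
# TCP_HIT = answered from Squid's cache (hierarchy NONE/-); TCP_MISS = forwarded upstream.
LINE = re.compile(
    r"(?P<ts>\d+\.\d+)\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<code>[A-Z_]+)/(?P<status>\d{3})\s+(?P<bytes>\d+)\s+(?P<method>\S+)\s+"
    r"(?P<url>\S+)\s+(?P<ident>\S+)\s+(?P<hier>[A-Z_]+)/(?P<peer>\S+)\s+(?P<type>\S+)"
)

# Entries from the access.log extract in the thread, with wrapped lines joined.
SAMPLE = """\
1178111113.463 0 127.0.0.1 TCP_HIT/200 506 GET http://communities.rm.com/forums/skins/communities/images/message_gradient_header.gif - NONE/- image/gif
1178111113.515 53 127.0.0.1 TCP_MISS/404 1952 GET http://communities.rm.com/favicon.ico - DEFAULT_PARENT/webcluster.education.swansea.sch.uk text/html
1178111115.152 111 127.0.0.1 TCP_MISS/302 1302 GET http://communities.rm.com/forums/member/default.aspx - DEFAULT_PARENT/webcluster.education.swansea.sch.uk text/html
1178111115.198 3 127.0.0.1 TCP_MISS/000 3112 CONNECT communities.rm.com:443 - DEFAULT_PARENT/proxyssl -
1178111118.229 3 127.0.0.1 TCP_MISS/000 3112 CONNECT communities.rm.com:443 - DEFAULT_PARENT/proxyssl -
1178111121.481 3 127.0.0.1 TCP_MISS/000 3112 CONNECT communities.rm.com:443 - DEFAULT_PARENT/proxyssl -
"""

def parse(text):
    """Return one dict per well-formed log line; malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE.fullmatch(line.strip())
        if m:
            rec = m.groupdict()
            rec["ts"] = float(rec["ts"])
            records.append(rec)
    return records

def peer_usage(records):
    """Count requests per (method, hierarchy code, peer): which cache_peer took what."""
    return Counter((r["method"], r["hier"], r["peer"]) for r in records)

def repeated_connects(records, window=10.0, threshold=3):
    """Flag (client, target) pairs with >= threshold CONNECTs inside `window` seconds.
    window/threshold are assumed values, not Squid settings."""
    seen = defaultdict(list)
    for r in records:
        if r["method"] == "CONNECT":
            seen[(r["client"], r["url"])].append(r["ts"])
    flagged = {}
    for key, times in seen.items():
        times.sort()
        if any(times[i + threshold - 1] - times[i] <= window
               for i in range(len(times) - threshold + 1)):
            flagged[key] = len(times)
    return flagged
```

On this extract, peer_usage() shows every CONNECT going to the peer logged as proxyssl and the plain GET misses going to the other parent, which matches the cache_peer_access split discussed above.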