twinturbo@xxxxxxx wrote:
SQ 3.1.0.7
We are running a new squid box to replace our 2.6 box. It all works fine except
it does seem to be requesting IDENT,
I have tried recompiling with "enable-ident-lookups" but this seems to have made
no difference.
I have tried
acl_ident_aware_hosts src 10.106.88.0/21
ident_lookup_access allow ident_aware_hosts
ident_lookup_access deny all
( nothing seems to be blocked even if there is no ident returned?? )
This only blocks the actual sending of an ident packet. The HTTP request
itself will go through normally.
also tried
ident_lookup on ( causes a config error )
and
acl validuser ident REQUIRED
http_access allow valideuser
3.1 triggers an ident request as soon as a client connects.
I would expect this to check for an existing result from that previous,
trigger another if still needed.
And permit the HTTP request through if any ident at all was returned.
Nothign seesm to work I just get a DASH where the user name should be.
Default log format or a custom one? Usernames have several different
logformat tags and places logged to cater for the different types of
username.
I have tested the ident server response via telnet and it responds with the
correct information.
SO
in order to log the ident user name, and prevent access from and request without
a username.... What should I be doing in SQ3.1 as it works fine on 2.6.
There were ident fixes as afar up as 3.1.0.8, and some further shuffling
in 3.1.0.9.
Still some bugs open, and of course the possibility of unknown bugs
still to fix.
Can you try 3.1.0.10?
If still present in that release please see if you can track down whats
actually going wrong and report it.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE16
Current Beta Squid 3.1.0.10 or 3.1.0.11