Search squid archive

Interminted TCP_DENIED

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I've simplified things as far as I can think to and still get what appear to
be random TCP_DENIED/407 errors after I've been authenticated.

Using Squid 2.7 STABLE 9, I'm now just using the digest_pw_auth
authenticator with a single user pw file of test:test. 

If I turn off authentication there's no problem. But with authentication on
I can't get much further than a page or two of sites like Yahoo.com or
LATimes.com (sites with many resources) before I get a 407.

I've run some wireshark captures and could post the http header
request/responses if that helps any. I don't know the digest authentication
protocol well enough to follow all the nonce transitions and all of that to
see if it's a problem.

Here is my squid.conf in hopes that someone might have some ideas on
direction I could take in debugging this.

Is there any way to get more info from Squid about why it's throwing 407's?

_________________________________________________________________
auth_param digest realm US Proxy
auth_param digest program /usr/local/squid/libexec/digest_pw_auth
/tmp/pwfile
auth_param digest children 5
auth_param digest nonce_garbage_interval 5 minutes
auth_param digest nonce_max_duration 30 minutes
auth_param digest nonce_max_count 50
acl all src all
acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
acl authenticated proxy_auth REQUIRED

http_access allow authenticated
http_access deny all
icp_access allow localnet
icp_access deny all

http_port 80
hierarchy_stoplist cgi-bin ?

cache_dir ufs /mnt/sda2/cache-squid 100 16 256
logformat custom_verbose User[%un] TotalBytes[%st] ClientIP[%>a]
LocalPort[%lp] SquidStatus[%Ss] URL[%ru] Time[%{%Y-%m-%d %H}tg:00:00]
HttpStatus[%Hs]
access_log /mnt/sda2/logs-squid/accesslog/access.log custom_verbose
cache_store_log /mnt/sda2/logs-squid/store.log
pid_filename /mnt/sda2/logs-squid/squid.pid
cache_log /mnt/sda2/logs-squid/cache.log
coredump_dir /mnt/sda2/logs-squid/core-dumps

cache_effective_user squid

refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern .		0	20%	4320
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux