Hi.tank you for the reply.
This is my squid version ans how it was compiled:
Squid Cache: Version 3.1.8
configure options: '--with-maxfd=8192' '--prefix=/usr'
'--libdir=/usr/lib64' '--sysconfdir=/etc/squid'
'--localstatedir=/var/log/squid' '--datadir=/usr/share/squid'
'--mandir=/usr/man' '--with-pthreads' '--enable-follow-x-forwarded-for'
'--enable-storeio=aufs ufs diskd' '--enable-removal-policies=lru heap'
'--enable-delay-pools' '--enable-snmp' '--enable-icap-client'
'--enable-auth=basic ntlm digest' '--enable-basic-auth-helpers=DB LDAP NCSA
MSNT SMB getpwnam' '--enable-digest-auth-helpers=ldap password'
'--enable-ntlm-auth-helpers=smb_lm' '--enable-external-acl-helpers=ip_user
ldap_group unix_group wbinfo_group' '--enable-linux-netfilter'
'--enable-async-io' '--build=x86_64-slackware-linux'
'build_alias=x86_64-slackware-linux' 'CFLAGS=-O2 -fPIC'
'CXXFLAGS=-O2 -fPIC' --with-squid=/tmp/SBo/squid-3.1.8
Here is itÂs configuration:
auth_param basic program /usr/libexec/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching: SEU ACESSO ESTA SENDO MONITORADO
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl localhost src ::1/128
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl to_localhost dst ::1/128
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl SEARCH method SEARCH
acl FTP proto FTP
...
# Local ACLs
acl PURGE method PURGE
acl password proxy_auth REQUIRED
acl localnet src 172.31.0.0/24
...
acl MULTIMEDIA rep_mime_type -i ^(audio\/x-mpegurl|audio\/mpeg)$
acl MULTIMEDIA rep_mime_type -i ^(video\/flv|video\/x-flvs)$
acl MULTIMEDIA rep_mime_type -i
^(application\/x-shockwave-flash||application\/ogg)$
acl MULTIMEDIA rep_mime_type -i ^(audio\/ogg|video\/ogg)$
...
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow PURGE localhost
http_access deny PURGE
http_access allow localnet password
http_access deny all
http_port 3128
hierarchy_stoplist cgi-bin ?
cache_dir ufs /var/cache/squid/ 1000 16 256
access_log /var/log/squid/access.log squid
icap_log /var/log/squid/icap_access.log
cache_store_log none
logfile_rotate 0
pid_filename /var/run/squid/squid.pid
cache_log /var/log/squid/cache.log
coredump_dir /var/log/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
icap_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_header X-Authenticated-User
icap_service service_av_req reqmod_precache bypass=1
icap://localhost:1344/srv_clamav
icap_service service_av_resp respmod_precache bypass=1
icap://localhost:1344/srv_clamav
icap_service service_url_check_req reqmod_precache bypass=1
icap://localhost:1344/url_check
adaptation_access service_av_resp deny MULTIMEDIA
adaptation_access service_av_resp allow all
adaptation_service_chain REQ_CHAIN service_url_check_req service_av_req
adaptation_access REQ_CHAIN deny MULTIMEDIA
adaptation_access REQ_CHAIN allow all:
The only change made from the normal operation mod to the use of c-icap was
to add the icap configuration and services.
Regards.
Carlos Xavier.
----- Original Message -----
From: "Amos Jeffries" <squid3@xxxxxxxxxxxxx>
To: <squid-users@xxxxxxxxxxxxxxx>
Sent: Wednesday, October 20, 2010 12:46 AM
Subject: Re: Missing username on logs when using c-icap
On Tue, 19 Oct 2010 15:45:56 -0200, "Carlos Xavier"
<cbastos@xxxxxxxxxxxxxxxxx> wrote:
Hi.
We use SARG to generate some statistical data and also to have some
control
where our authenticated users are going. This control are based on the
username on the squid access log.
Now we started to use c-icap to check for virus and check the url. Since
then the username of the users doing the request are not showing on the
logs anymore .
Is there a way to force squid to output the username on the log?
Here are the log entry withouc c-icap
1287458110.628 282 187.15.127.198 TCP_MISS/200 13196 GET
http://www.squid-cache.org.br/templates/mambodefault/images/banner3.swf
avg
DIRECT/216.59.16.196 application/x-shockwave-flash
Adn the same access done using c-icap
1287510188.937 6549 187.15.127.198 TCP_HIT/200 13207 GET
http://www.squid-cache.org.br/templates/mambodefault/images/banner3.swf
-
NONE/- application/x-shockwave-flash
Squid version? configuration?
Amos