Hi, I have: debug_options rotate=1 ALL,1 and I'm getting lots of these messages in cache.log: NOTICE: Authentication not applicable on intercepted requests. I have a mixed tproxy/sslbump + auth (via /usr/libexec/squid/negotiate_kerberos_auth) config. I know authentication can't be done on intercepted requests. I'd like to know how to fix my squid conf file in order to avoid logging this message. The relevant parts of my squid.conf should be: external_acl_type nt_group ttl=0 children-max=50 %LOGIN /usr/libexec/squid/ext_wbinfo_group_acl -K auth_param negotiate program /usr/libexec/squid/negotiate_kerberos_auth -s HTTP/myserver.mydomain.org@xxxxxxxxxxxx auth_param negotiate children 60 auth_param negotiate keep_alive on auth_param basic realm My REALM proxy acl localnet src 10.0.0.0/8 acl localnet src 192.168.0.0/16 acl ORG_all proxy_auth REQUIRED acl explicit myportname 3128 acl intercepted myportname 3129 acl interceptedssl myportname 3130 [...] acl allowed_groups external nt_group "/opt/proxy-settings/allowed.groups" [...] acl restricted_groups external nt_group "/opt/proxy-settings/restricted.groups" [...] http_access deny SSL_ports ORG_all http_access deny explicit !ORG_all #http_access deny intercepted ORG_all #http_access deny interceptedssl ORG_all http_access deny intercepted !localnet http_access deny interceptedssl !localnet [...] debug_options rotate=1 ALL,1 [...] http_port 3128 http_port 3129 tproxy https_port 3130 tproxy ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=16MB cert=/etc/ssl/squid/proxyserver.pem sslcrtd_program /usr/libexec/squid/ssl_crtd -s /var/lib/squid/ssl_db -M 16MB sslcrtd_children 40 startup=20 idle=10 reply_header_access Alternate-Protocol deny all ssl_bump stare all ssl_bump bump all [...] Thanks, Vieri _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
