----- Original Message -----
From: "Van Bossche Koen" <Koen.VanBossche@KONE.com>
To: <squid-users@squid-cache.org>
Sent: Tuesday, September 18, 2001 8:09 PM
Subject: [squid-users] reporting Netbios error
> Hi all,
> I installed last week the latest squid tar file for use of NTLM
> authentication. I aim to use it so the user will not receive the
> authentication popup box.
> However I have been testing it for one week now and from time to time
it
> appears and then I get this error in my cache.log file :
>
> 2001/09/17 00:00:01| helperOpenServers: Starting 8 'squidGuard'
processes
> 2001/09/17 00:00:01| helperStatefulOpenServers: Starting 8 'ntlm_auth'
> processes
> WARNING. The -f flag is DEPRECATED and always active.
> WARNING. The -f flag is DEPRECATED and always active.
> WARNING. The -f flag is DEPRECATED and always active.
> WARNING. The -f flag is DEPRECATED and always active.
> WARNING. The -f flag is DEPRECATED and always active.
> WARNING. The -f flag is DEPRECATED and always active.
> WARNING. The -f flag is DEPRECATED and always active.
> WARNING. The -f flag is DEPRECATED and always active.
> NetBios error code 4 (RFCNBE_BadWrite: Write system call returned an
error.
> Check
> errno.)
> 2001/09/17 09:41:21| fqdncacheParse: No PTR record
> NetBios error code 4 (RFCNBE_BadWrite: Write system call returned an
error.
> Check
> errno.)
>
> Is there a solution or workaround? I have been playing a bit with the
> configuration items :
> auth_param ntlm max_challenge_reuses 1000
> auth_param ntlm max_challenge_lifetime 3000 minutes
This is dangerous! The above settings will allow session spoofing. (See
the comment in squid.conf.default).
> However it does not seem to have much impact.
There are two problems here, and the squid challenge caching has no
driect impact on either of them.
1) You are using -f on the helper command line. As the warning say
"The -f is deprecated and always active".
2) the NetBios write error indicates a comms problem of some sort
between squid and the DC. This can be the DC dropping the connection, or
a network fault.
To solve 1, remove the -f. To solve 2, try _lowering_ your challenge
reuse and lifetime options. a reuse of 1, lifetime of 2 minutes is good.
Rob
Received on Sun Sep 23 2001 - 04:47:40 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:27 MST