Re: [squid-users] authenticate_program needs source IP address

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 28 May 2002 21:25:46 +0200

If you are using authentication then the authenticated user name is
logged in Squid's access.log in the "ident" field.

If the authentication scheme is basic (the only available in Squid-2.4
or earlier, the default in 2.5) then the user name should also be
logged on unsuccessful login attempts, but with a status code of
TCP_DENIED/407

URL or client IP address is not sent to authenticators as these are
not part of the user credentials. In the opinion of Squid (and the
HTTP specifications) connections from different IP addresses with the
same user credentails are from the same user.

Regards
Henrik

On Tuesday 28 May 2002 17:33, Michael Hocke wrote:
> Hi everybody,
>
> I am running Squid 2.4STABLE6 with a self-made authentication
> script. In order to track down abusive behavior I am in need to log
> more detailed information with each attempt of authentication.
> Right now the only information passed to the auth script is the
> username and the password. Since I need to correlate this
> information with access.log entries I also have to get my hands on
> the source IP address, i.e. my script needs to be fed with it
> somehow. I wonder if somebody could tell me if Squid is able to do
> this. What I need is either the user id logged in access.log or the
> source IP passed onto the auth scripts so that it can be logged
> there.
>
> Right now I hacked Squid to allow the latter (I was lucky that all
> data structures for this were in place already and I only had to
> make sure that the data is passed around) and it is working fine.
> It would be great if a feature like this could be integrated into a
> future release of Squid.
>
> - Michael
Received on Tue May 28 2002 - 13:31:30 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:15 MST