Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unable to get username in logs for access denied

    Cache/Proxy
    1
    1
    633
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      droapdead
      last edited by

      Hello guys,

      I have setup squid3 proxy server with pfsense 2.2.4 and the authentication is through captive portal with radius. Each user is given with an unique id and password. I have been tracking the logs for access denied results, it has been found that squid hasn't been logging the username , in the place there is  "- HIER_NONE/ -" , below are sample log.  What could be the reason?

      1414651057.911      0 10.10.0.7 TCP_DENIED/407 3787 CONNECT ie.search.yahoo.com:443 - HIER_NONE/- text/html

      I have been told that no login was necessary to deny those requests. So there is no need for Squid to waste time decoding the HTTP headers where the credentials were stored.

      If I would need the credentials to always be logged then I should move the blocked sites denial down below the http_access lines which require authentication.

      I did it as bellow but it didn´t work!

      These hosts do not have any restrictions

      http_access allow unrestricted_hosts

      Always allow access to whitelist domains

      http_access allow whitelist

      Block access to blacklist domains

      external_acl_type check_cp children-startup=5 ttl=5 %SRC /usr/pbi/squid-amd64/bin/check_ip.php
      acl password external check_cp

      Custom options after auth

      http_access deny blacklist

      Any suggestion? I would appreciate.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.