Unable to get username in logs for access denied
-
Hello guys,
I have setup squid3 proxy server with pfsense 2.2.4 and the authentication is through captive portal with radius. Each user is given with an unique id and password. I have been tracking the logs for access denied results, it has been found that squid hasn't been logging the username , in the place there is "- HIER_NONE/ -" , below are sample log. What could be the reason?
1414651057.911 0 10.10.0.7 TCP_DENIED/407 3787 CONNECT ie.search.yahoo.com:443 - HIER_NONE/- text/html
I have been told that no login was necessary to deny those requests. So there is no need for Squid to waste time decoding the HTTP headers where the credentials were stored.
If I would need the credentials to always be logged then I should move the blocked sites denial down below the http_access lines which require authentication.
I did it as bellow but it didn´t work!
These hosts do not have any restrictions
http_access allow unrestricted_hosts
Always allow access to whitelist domains
http_access allow whitelist
Block access to blacklist domains
external_acl_type check_cp children-startup=5 ttl=5 %SRC /usr/pbi/squid-amd64/bin/check_ip.php
acl password external check_cpCustom options after auth
http_access deny blacklist
Any suggestion? I would appreciate.