Unable to get username in logs for access denied



  • Hello guys,

    I have setup squid3 proxy server with pfsense 2.2.4 and the authentication is through captive portal with radius. Each user is given with an unique id and password. I have been tracking the logs for access denied results, it has been found that squid hasn't been logging the username , in the place there is  "- HIER_NONE/ -" , below are sample log.  What could be the reason?

    1414651057.911      0 10.10.0.7 TCP_DENIED/407 3787 CONNECT ie.search.yahoo.com:443 - HIER_NONE/- text/html

    I have been told that no login was necessary to deny those requests. So there is no need for Squid to waste time decoding the HTTP headers where the credentials were stored.

    If I would need the credentials to always be logged then I should move the blocked sites denial down below the http_access lines which require authentication.

    I did it as bellow but it didn´t work!

    These hosts do not have any restrictions

    http_access allow unrestricted_hosts

    Always allow access to whitelist domains

    http_access allow whitelist

    Block access to blacklist domains

    external_acl_type check_cp children-startup=5 ttl=5 %SRC /usr/pbi/squid-amd64/bin/check_ip.php
    acl password external check_cp

    Custom options after auth

    http_access deny blacklist

    Any suggestion? I would appreciate.


Log in to reply