Unable to get username in logs for access denied
droapdead last edited by
I have setup squid3 proxy server with pfsense 2.2.4 and the authentication is through captive portal with radius. Each user is given with an unique id and password. I have been tracking the logs for access denied results, it has been found that squid hasn't been logging the username , in the place there is "- HIER_NONE/ -" , below are sample log. What could be the reason?
1414651057.911 0 10.10.0.7 TCP_DENIED/407 3787 CONNECT ie.search.yahoo.com:443 - HIER_NONE/- text/html
I have been told that no login was necessary to deny those requests. So there is no need for Squid to waste time decoding the HTTP headers where the credentials were stored.
If I would need the credentials to always be logged then I should move the blocked sites denial down below the http_access lines which require authentication.
I did it as bellow but it didn´t work!
http_access allow unrestricted_hosts
http_access allow whitelist
external_acl_type check_cp children-startup=5 ttl=5 %SRC /usr/pbi/squid-amd64/bin/check_ip.php
acl password external check_cp
http_access deny blacklist
Any suggestion? I would appreciate.