Squid Proxy 不提示身份验证并拒绝每个请求

tag-icon tag-icon ubuntu authentication squid
Squid Proxy 不提示身份验证并拒绝每个请求

我遇到了一个问题,即 Squid 代理总是拒绝请求。糟糕的是,我从来没有看到过身份验证弹出窗口...

Squid 在 Ubuntu 14.04 vserver 上运行。

我将向您提供我的 squid.conf:

# acls
### local net
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

### safe ports
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

#set squid port
http_port 3128

hierarchy_stoplist cgi-bin ?

forwarded_for delete

# authentification with username and password
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/squid_user
acl foo proxy_auth REQUIRED
http_access allow foo

## disable ident lookup
ident_lookup_access deny all

# last rule to block all without other valid rule
http_access deny all

最糟糕的是,过去几个月里,我已经在其他几个 vserver 实例上运行了完全相同的配置 - 但我不知道问题出在哪里……

以下是 netstat -l 的输出以及 /var/log/squid3/access.log 中的最后几个日志条目

网络状态-l

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 *:ssh                   *:*                     LISTEN     
tcp6       0      0 [::]:3128               [::]:*                  LISTEN     
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN     
udp        0      0 Ubuntu-1404-trusty-:ntp *:*                                
udp        0      0 localhost.localdoma:ntp *:*                                
udp        0      0 *:ntp                   *:*                                
udp        0      0 *:45391                 *:*                                
udp6       0      0 Ubuntu-1404-trusty-:ntp [::]:*                             
udp6       0      0 fe80::21c:14ff:fe01:ntp [::]:*                             
udp6       0      0 ip6-localhost:ntp       [::]:*                             
udp6       0      0 [::]:ntp                [::]:*                             
udp6       0      0 [::]:46534              [::]:*                             
raw        0      0 *:icmp                  *:*                     7          
raw6       0      0 [::]:ipv6-icmp          [::]:*                  7          
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     9030     /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     7254     @/com/ubuntu/upstart
unix  2      [ ACC ]     STREAM     LISTENING     7803     /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     SEQPACKET  LISTENING     7624     /run/udev/control

最后几条记录/var/log/squid3/access.log

1407774496.214      0 188.40.117.68 TCP_DENIED/403 4167 GET http://www.google.de/ - HIER_NONE/- text/html
1407774496.346      0 188.40.117.68 TCP_DENIED/403 3963 GET http://www.squid-cache.org/Artwork/SN.png - HIER_NONE/- text/html
1407774496.398      0 188.40.117.68 TCP_DENIED/403 4200 GET http://www.google.de/favicon.ico - HIER_NONE/- text/html
1407774496.419      0 188.40.117.68 TCP_DENIED/403 4200 GET http://www.google.de/favicon.ico - HIER_NONE/- text/html
1407774498.431      0 188.40.117.68 TCP_DENIED/403 4203 GET http://www.google.de/ - HIER_NONE/- text/html

感谢您的时间 - 我非常感谢您的帮助。如果您需要更多信息,请告诉我们,我会尽力提供。

答案1

我解决了。至少有点……这似乎是创建用户的问题。将用户名改为全小写后,它开始正常工作了。

相关内容