SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0000209: squid_ldap_auth failure once Endian has been running for some time. - MantisBT
MantisBT - Endian Firewall
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0000209Endian FirewallDocumentationpublic2007-07-03 15:182008-02-02 07:28
Reporterahull 
Assigned Toraphael-endian 
PrioritynormalSeveritymajorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version2.1 
Target VersionFixed in Version2.2-beta2 
Customer Importance
Customer Occurrences
Queue
Summary0000209: squid_ldap_auth failure once Endian has been running for some time.
DescriptionWe are using the squid_ldap_auth to authenticate against a windows Active Direcory LDAP, and experience a failure once Endian has been running for some time.

The clients will be presented with an internet explorer login dialog from the endian box, and when they enter the correct login details, they then are prompted for them again, and again, then a login failure page is displayed.

Re-booting the endian box will cause the problem to go away, only to re-appear a while later.
Steps To Reproduce
Additional InformationWhen I check the processes running on the box, there are the requisite number of squid_ldap_auth processes.

root@proxy-glasgow:~ # ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 10:56 ? 00:00:00 init [3]
root 2 1 0 10:56 ? 00:00:00 [migration/0]
root 3 1 0 10:56 ? 00:00:00 [ksoftirqd/0]
root 4 1 0 10:56 ? 00:00:00 [migration/1]
root 5 1 0 10:56 ? 00:00:00 [ksoftirqd/1]
root 6 1 0 10:56 ? 00:00:00 [events/0]
root 7 1 0 10:56 ? 00:00:00 [events/1]
root 8 6 0 10:56 ? 00:00:00 [khelper]
root 9 6 0 10:56 ? 00:00:00 [kacpid]
root 36 6 0 10:56 ? 00:00:00 [kblockd/0]
root 37 6 0 10:56 ? 00:00:00 [kblockd/1]
root 54 6 0 10:56 ? 00:00:00 [pdflush]
root 55 6 0 10:56 ? 00:00:00 [pdflush]
root 57 6 0 10:56 ? 00:00:00 [aio/0]
root 58 6 0 10:56 ? 00:00:00 [aio/1]
root 56 1 0 10:56 ? 00:00:00 [kswapd0]
root 200 1 0 10:56 ? 00:00:00 [kseriod]
root 338 6 0 10:56 ? 00:00:00 [ata/0]
root 339 6 0 10:56 ? 00:00:00 [ata/1]
root 343 1 0 10:56 ? 00:00:00 [scsi_eh_0]
root 344 1 0 10:56 ? 00:00:00 [scsi_eh_1]
root 355 1 0 10:56 ? 00:00:00 [kjournald]
root 754 1 0 10:56 ? 00:00:00 [khubd]
root 1102 1 0 10:56 ? 00:00:00 [kjournald]
root 1103 1 0 10:56 ? 00:00:00 [kjournald]
root 1376 1 0 10:56 ? 00:00:00 syslogd -m 0
root 1388 1 0 10:56 ? 00:00:00 udevd
root 1397 1 0 10:56 ? 00:00:00 klogd
root 1417 1 0 10:56 ? 00:00:00 /usr/sbin/ulogd -d
root 2560 1 0 10:56 ? 00:00:00 httpd
root 2864 1 0 10:56 ? 00:00:00 /usr/sbin/fcron -c /etc/fcron.conf
root 2887 1 0 10:56 ? 00:00:00 /usr/sbin/sshd
ntp 2917 1 0 10:56 ? 00:00:00 ntpd -A -u ntp:ntp -i /var/lib/ntp -p /var/run/ntpd.pid -c /etc/ntp/ntp.conf -g
root 2924 2917 0 10:56 ? 00:00:00 ntpd -A -u ntp:ntp -i /var/lib/ntp -p /var/run/ntpd.pid -c /etc/ntp/ntp.conf -g
ntop 3006 1 0 10:57 ? 00:00:23 ntop --user ntop --daemon --db-file-path /var/ntop --interface br0 --trace-level 3 --https-server 3001 --http-
root 3130 1 0 10:57 tty1 00:00:00 /sbin/mingetty tty1
root 3131 1 0 10:57 tty2 00:00:00 /sbin/mingetty tty2
root 3132 1 0 10:57 tty3 00:00:00 /sbin/mingetty tty3
root 3133 1 0 10:57 tty4 00:00:00 /sbin/mingetty tty4
root 3134 1 0 10:57 tty5 00:00:00 /sbin/mingetty tty5
root 3135 1 0 10:57 tty6 00:00:00 /sbin/mingetty tty6
root 3136 1 0 10:57 ttyS0 00:00:00 /sbin/agetty -l /usr/sbin/efw-console -L 38400 ttyS0 vt100
dnsmasq 3701 1 0 10:57 ? 00:00:00 /usr/sbin/dnsmasq
root 5325 6 0 12:38 ? 00:00:00 [kauditd]
root 7841 1 0 14:36 ? 00:00:00 /usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -A fast -m 022 -i eth2
nobody 8134 2560 0 14:52 ? 00:00:00 httpd
nobody 8167 2560 0 14:54 ? 00:00:00 httpd
snort 8295 1 0 15:01 ? 00:00:02 /usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -A fast -m 022 -i eth2
root 9286 2887 0 16:11 ? 00:00:00 sshd: root@notty
root 9292 9286 0 16:11 ? 00:00:00 -bash
root 9300 2887 0 16:11 ? 00:00:00 sshd: root@pts/0
root 9306 9300 0 16:11 pts/0 00:00:00 -bash
root 9376 1 0 16:12 ? 00:00:00 /usr/sbin/squid -D
squid 9378 9376 2 16:12 ? 00:00:00 (squid) -D
squid 9380 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9381 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9382 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9383 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9385 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9386 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9387 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9388 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9389 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9390 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9391 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9392 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9393 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9394 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9395 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9396 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9397 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9398 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9399 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9400 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9401 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9402 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9403 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9404 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9405 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9406 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9407 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9408 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9409 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9410 9378 0 16:12 ? 00:00:00 (squid_ldap_auth) -b dc=loadofoldgarbage,dc=local -D noneofyourbusiness@theendoftheworld.com -w govan -f (&(objectClass=person)(sAMAccount
squid 9411 9378 0 16:12 ? 00:00:00 (unlinkd)
clamav 9446 1 0 16:12 ? 00:00:00 /usr/sbin/clamd
clamav 9480 1 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9481 9480 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9482 9481 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9483 9480 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9484 9483 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9485 9480 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9486 9485 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9487 9480 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9488 9487 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9489 9480 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9491 9489 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9492 9480 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9493 9492 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9495 9480 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9496 9480 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9497 9495 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
clamav 9498 9496 0 16:12 ? 00:00:00 /usr/sbin/havp -c /etc/havp/havp.conf
nobody 9504 2560 0 16:12 ? 00:00:00 httpd
nobody 9505 2560 0 16:12 ? 00:00:00 httpd
nobody 9506 2560 0 16:12 ? 00:00:00 httpd
nobody 9507 2560 0 16:12 ? 00:00:00 httpd
nobody 9508 2560 0 16:12 ? 00:00:00 httpd
nobody 9509 2560 0 16:12 ? 00:00:00 httpd
nobody 9510 2560 0 16:12 ? 00:00:00 httpd
nobody 9514 1 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
nobody 9515 9514 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
nobody 9516 9514 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
nobody 9517 9514 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
nobody 9518 9514 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
nobody 9519 9514 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
nobody 9520 9514 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
nobody 9521 9514 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
nobody 9522 9514 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
nobody 9523 9514 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
nobody 9524 9514 0 16:12 ? 00:00:00 /usr/sbin/dansguardian
root 9525 9306 0 16:12 pts/0 00:00:00 ps -ef
root@proxy-glasgow:~ #
TagsNo tags attached.
Relationships
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2007-07-03 15:18ahullNew Issue
2007-09-07 16:12raphael-endianNote Added: 0000489
2007-09-07 16:12raphael-endianStatusnew => assigned
2007-09-07 16:12raphael-endianAssigned To => raphael-endian
2007-09-10 11:01ahullNote Added: 0000505
2007-09-10 11:03ahullNote Edited: 0000505
2007-09-10 11:09ahullNote Edited: 0000505
2007-09-17 08:10raphael-endianNote Added: 0000509
2007-10-27 18:39peter-endianNote Added: 0000548
2007-10-27 18:39peter-endianStatusassigned => feedback
2008-01-14 15:52ra-endianStatusfeedback => resolved
2008-01-14 15:52ra-endianFixed in Version => 2.2-beta2
2008-01-14 15:52ra-endianResolutionopen => fixed
2008-02-02 07:28raphael-endianStatusresolved => closed

Notes
(0000489)
raphael-endian   
2007-09-07 16:12   
Which version of squid are you running? You can check with "rpm -q squid"
(0000505)
ahull   
2007-09-10 11:01   
(edited on: 2007-09-10 11:09)
The squid in question is the default from Advanced Proxy 1.0.6

FYI this problem will probably be resolved by updating to the latest version of SQUID, since we also run ipcop, and it suffered the same problem until we updated the SQUID by hand. I updated to Squid 2.6.STABLE14

Hope this helps.

Andrew

BTW if you want me to test, just point me to a suitable build.
(0000509)
raphael-endian   
2007-09-17 08:10   
Thanks for your hint, we upgraded to the last 2.6STABLE16.

We almost finished a complete rewrite of the HTTP Proxy module for Endian Firewall release 2.2 (should hit the road by october end). Now it's a lot cleaner and more powerful: it allows to define global policies and group based policies (only for enterprise version). This way it's possible to enable content filternig, time based rules, mime filtering etc. based on the group.
(0000548)
peter-endian   
2007-10-27 18:39   
Could you please try with version 2.2. That version includes squid 2.6STABLE16