SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0000071: Squid/DansGuardian not functioning together for "Standard" users. - MantisBT Endian Bugtracker
Endian Issue Tracker





Please see now our new Bugtracker system: JIRA








View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000071Endian FirewallApplication Level Proxiespublic2007-01-09 12:522007-12-31 19:15
Reportermyntric 
Assigned Topeter-endian 
PrioritynormalSeveritymajorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version2.1 
Target VersionFixed in Version2.2-beta2 
Summary0000071: Squid/DansGuardian not functioning together for "Standard" users.
DescriptionWhen enabling Squid, HAVP, and DansGuardian with "Local Authentication", the following screen is shown everytime a "Standard" user authenticates:

----------------------------------------------------------------------------
The requested URL could not be retrieved
While trying to retrieve the URL: http://<web.site.com>/ [^]

The following error was encountered:

Unable to forward this request at this time.

Sorry, you are not currently allowed to request:
http://<web.site.com>/ [^]
from this cache until you have authenticated yourself.

This request could not be forwarded to the origin server or to any
parent caches. The most likely cause for this error is that:
The cache administrator does not allow this cache to make direct connections to origin servers, and
All configured parent caches are currently unreachable.

Your cache administrator is <xxx>@xxx.com.

----------------------------------------------------------------------------

This only happens to the "Standard" user accounts as the "Extended" users are allowed access to all sites. The only way Squid would proxy the traffic with these options enabled is by removing the following lines from the /etc/squid.conf, it did work for "Standard" users as well; however, I believe this disables DansGuardian (or HAVP) at this point.

cache_peer 127.0.0.1 parent 9999 0 no-query no-digest no-netdb-exchange
cache_peer_access 127.0.0.1 deny for_extended_users
cache_peer_access 127.0.0.1 deny !HAVP_ALLOWED_PROTOS
cache_peer_access 127.0.0.1 allow all
always_direct allow EFW_ips
never_direct deny for_extended_users
never_direct deny !HAVP_ALLOWED_PROTOS
never_direct allow all !localhost
Additional InformationUnchecking DansGuardian allows the "Standard" users to work. Also, even with receiving the above, if a site is explicitly blocked within the Content Filter, it does block it with the appropriate error message.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2007-01-09 12:52 myntric New Issue
2007-02-08 22:54 peter-endian Status new => assigned
2007-02-08 22:54 peter-endian Assigned To => peter-endian
2007-10-27 22:05 peter-endian Status assigned => resolved
2007-10-27 22:05 peter-endian Fixed in Version => 2.2
2007-10-27 22:05 peter-endian Resolution open => fixed
2007-12-31 19:15 raphael-endian Fixed in Version 2.2-beta1 => 2.2-beta2
2007-12-31 19:15 raphael-endian Status resolved => closed

Copyright © 2005-2008 Endian, SRL. All rights reserved.


Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker