On 2025-09-15 10:09, Ohms, Jannis wrote:
Ist the ident protocoll still supported by squid?
YMMV, but Squid have not supported Ident properly for many years (if ever). Buggy Ident code was removed in Squid v7. I have quoted a variation of the corresponding release note below.
HTH, Alex.
Removed Ident protocol support Ident protocol (RFC 931 obsoleted by RFC 1413) has been considered seriously insecure and broken since at least 2009 when SANS issued an update recommending its removal from all networks. Squid Ident implementation had its own set of problems (that could not be addressed without significant code refactoring). Configurations using ident/ident_regex ACLs, %ui logformat codes, %IDENT external_acl_type format code, or ident_lookup_access/ident_timeout directives are now rejected, leading to fatal startup failures. To avoid inconveniencing admins that do _not_ use Ident features, access logs with "common" and "combined" logformats now always receive a dash in the position of what used to be a %ui record field. If necessary, an external ACL helper can be written to perform Ident transactions and deliver the user identity to Squid through the **user=** annotation.
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org https://lists.squid-cache.org/listinfo/squid-users
