RE: [squid-users] https analyze, squid rpc proxy to rpc proxy ii6 exchange2007 with ntlm

Hi Amos,

Thx for your answer.

I'm still searching why my solution works with XP and only when I change 2 settings (lanmanager level, and disable msstd) on Windows7.
So I use a cache.log with debug options to analyze more precisely, to see the difference between these two OS.

When that doesn’t work on windows7, the request is "stuck" on RPC_OUT_DATA with a 200 success HTTP, sort of time out, and no infos, I've sniffed all I can, and nothing ...

The only thing I can see in logs is the cookie header and the pragma "sessionid" on windows7. In XP there is no cookie header and pragma is "no-cache" only, no other values.

> Also, request_header_replace requires a previous "request_header_access deny ..." giving permission to remove existng header details before it can replace the content.

Thx for this info, I'll test it today.
If I write :
request_header_access Cookie deny all
request_header_replace Cookie none

Does this disable cookie header ?

Thx, regards

Clem

-----Message d'origine-----
De : Amos Jeffries [mailto:squid3_at_treenet.co.nz]
Envoyé : vendredi 11 mai 2012 16:28
À : squid-users_at_squid-cache.org
Objet : Re: [squid-users] https analyze, squid rpc proxy to rpc proxy ii6 exchange2007 with ntlm

On 12/05/2012 1:50 a.m., Clem wrote:
> Hello,
>
> In my cache.log I have (windows7 client) :
>
> --------------------------
> 2012/05/11 13:37:42.493| HTTP Client local=ip_squid:443
> remote=ip_wan_client:60465 FD 11 flags=1
> 2012/05/11 13:37:42.493| HTTP Client REQUEST:
> ---------
> RPC_OUT_DATA /rpc/rpcproxy.dll?fqdn_exchange_server:6002 HTTP/1.1
> Cache-Control: no-cache
> Connection: Keep-Alive
> Pragma: SessionId=d3deb408-a810-4e85-b3df-1e50e0fe11f7
> Accept: application/rpc
> Cookie: OutlookSession="{B14448C4-3BB4-454E-A09F-CA4705810688}
> Outlook=14.0.6117.5001 OS=6.1.7601"
> User-Agent: MSRPC
> Content-Length: 0
> Host: mail.xx.fr
> Authorization: NTLM
> TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==
> --------------------------
>
> The difference between xp client is Pragma header, no-cache value for
> xp, and Cookie header doesn’t exist in xp.

You mean no-cache as well as SessionId values? or just no-cache and no SessionId?

>
> So I want to "disable" Cookie header and replace value for pragma, in
> my squid.conf I've added this lines :
>
> request_header_access Cookie deny all
> request_header_replace Pragma no-cache

"Pragma: no-cache" has been obsoleted by "Cache-Control:no-cache". They do the same thing.

Also, request_header_replace requires a previous "request_header_access deny ..." giving permission to remove existng header details before it can replace the content.

>
> But that doesn't work, header cookie is still there, and pragma isn’t
> changed.

Make sure you are looking at the right things. "HTTP Client REQUEST " is
the raw data received from the client. No changes made by Squid will
show up in those details (except some minor auto-corrections by the
parser). The "HTTP Server REQUEST" details later on with same URL are
the Squid->Server information after all Squid manipulations.

The response headers are in a pair of "HTTP foo REPLY".

Amos
Received on Mon May 14 2012 - 09:07:38 MDT