Article delegate-en/2704 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: How force hosts to authenticate
08 Jul 2004 15:15:49 GMT "Salvatore Tarallo \(starallo\)" <prafabdyi-ktwgyos5bmlr.ml@ml.delegate.org>


Hi Yutaka,
Sorry it took so long for a reply.
Attached, a text file with the debug collected during the browsing of
the same page with two different configurations, one with a single
AUTHORIZER and the second with a second AUTHORIZER parameter. The
configuration in the file is the one I've used. The last line is present
only in the second attempt.

Cheers,
Sal

-----Original Message-----
From: Yutaka Sato [mailto:feedback@delegate.org] 
Sent: Friday, July 02, 2004 9:56 PM
To: feedback@delegate.org
Cc: Salvatore Tarallo (starallo)
Subject: Re: [DeleGate-En:2700] How force hosts to authenticate

Hi,

In message
<_A2700@delegate-en.ML_>
on 07/02/04(18:50:17)
you "Salvatore Tarallo \(starallo\)" <prafabdyi-ktwgyos5bmlr.ml@ml.delegate.org> wrote:
 |I gave it a try and indeed the connmap on AUTHORIZER is now working
but  |I'm facing another problem:
 |1) an authentication request pops up for some sites (delegate.org is
of
 |them) even if it is excluded in the AUTHORIZER parameter  |
 |2) Using multiple connmaps on a single AUTHORIZER parameter or
multiple  |AUTHORIZER with a connmap each doesn't work.

A parameter of DeleGate including AUTHORIZER cannot be with multiple
connMaps.

 |In the first case delegate doesn't start up (no err msg is logged to
|console in verbose mode), in the second case, authentication is
prompted  |for all sites.

Could you show me how you specified it?
I can use AUTHORIZER without problem as follows for example.

delegated +=/tmp/test.conf
#####[the content of /tmp/test.conf]#### -v -P8080
AUTHORIZER=-list{com:com}@dotcom:*:*.com
AUTHORIZER=-list{net:net}@dotnet:*:*.net
########################################

Using this HTTP proxy DeleGate, I can access each site with or without
corresponding user name and password.

  www.ibm.com -- with com:com
  www.php.net -- with net:net
  www.acm.org -- without authentication

Cheers,
Yutaka
--
  D G   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

E:\delegate>dg -P8080 -v +=a
Warning: unknown parameter: P
(WIN) 03:42 [2476] setNonblockingSocket(7,1)=0
07/08 17:03:42.84 [2476] 0+0: --INITIALIZATION START: 8.9.6-pre8 on WindowsNT--
07/08 17:03:42.84 [2476] 0+0: BINSHELL=/bin/sh
07/08 17:03:42.87 [2476] 0+0: server_open(delegate,:8080,listen=20)
07/08 17:03:42.87 [2476] 0+0: server_open(delegate,:8080) BOUND
07/08 17:03:42.89 [2476] 0+0: FATAL!!!! NO DGROOT !!!!
07/08 17:03:42.89 [2476] 0+0: <DeleGate/8.9.6-pre8> [2476] -P8080 READY^M
<DeleGate/8.9.6-pre8> [2476] -P8080 READY
FATAL!!!! NO DGROOT !!!!
ADMIN=starallo@cisco.com
AIST-Product-ID: 2000-ETL-198715-01, H14PRO-049, H15PRO-165
Copyright (c) 1994-2000 Yutaka Sato and ETL,AIST,MITI
Copyright (c) 2001-2004 National Institute of Advanced Industrial Science and Technology (AIST)
07/08 17:03:42.90 [2476] 0+0: PORT= 8080/8 (31,144)
07/08 17:03:42.90 [2476] 0+0: OWNER=nobody => OWNER=?/?(?/?)
07/08 17:03:42.92 [2476] 0+0: REMITTABLE = http,https/{80,443},ftp
07/08 17:03:42.93 [2476] 0+0: PATH: gzip -> C:\PROGRA~1\CSCOpx\bin\gzip.exe
07/08 17:03:42.93 [2476] 0+0: #### gzip = [C:\PROGRA~1\CSCOpx\bin\gzip.exe]gzip
07/08 17:03:42.95 [2476] 0+0: #### gunzip = [C:\PROGRA~1\CSCOpx\bin\gzip.exe]gzip -d
07/08 17:03:42.95 [2476] 0+0: ADMIN=starallo@cisco.com protocol=delegate
07/08 17:03:43.01 [2476] 0+0: #### stack size limit = FFFFFFFF (-1)
07/08 17:03:43.01 [2476] 0+0: Stay open PIDFILE for accept() lock[fd=10]
07/08 17:03:43.03 [2476] 0+0: env[35] LIBPATH=.;E:\delegate;/var/spool/delegate/lib;.;/var/spool/delegate/etc
07/08 17:03:43.03 [2476] 0+0: ext[0] P=8080
07/08 17:03:43.03 [2476] 0+0: ext[1] ADMIN=starallo@cisco.com
07/08 17:03:43.03 [2476] 0+0: ext[2] RESOLV=cache,file,dns
07/08 17:03:43.03 [2476] 0+0: ext[3] CONNECT=cache,socks:*:*:*
07/08 17:03:43.04 [2476] 0+0: ext[4] SOCKS=proxy-ams-1.cisco.com:1080
07/08 17:03:43.04 [2476] 0+0: ext[5] REMITTABLE=http,https/{80,443},ftp
07/08 17:03:43.04 [2476] 0+0: ext[6] AUTH=admin:*:calo@-calo
07/08 17:03:43.04 [2476] 0+0: ext[7] PERMIT=http,https:*.microsoft.com,*.windowsupdate.com,*.cisco.com
07/08 17:03:43.04 [2476] 0+0: ext[8] PERMIT=http:*.mtuci.ru,*.akamai.net,*.nai.com,*.mcafee.com,*.sun.com,*.perl.com,*.easynet.be,*.
freedb.com,*.roxio.com,*.cddb.com,*.delegate.org
07/08 17:03:43.06 [2476] 0+0: ext[9] PERMIT=ftp:wwwin-gog.cisco.com
07/08 17:03:43.06 [2476] 0+0: ext[10] RELIABLE=10.48.64.0/19
07/08 17:03:43.06 [2476] 0+0: ext[11] AUTHORIZER=-list{guest:guest}:http,https:!*.microsoft.com,!*.cisco.com,!*.windowsupdate.com:*
07/08 17:03:43.06 [2476] 0+0: DELEGATE_Modified[0]: 40e52ec2
07/08 17:03:43.07 [2476] 0+0: --INITIALIZATION DONE: 8.9.6-pre8 on WindowsNT--
(WIN) 03:43 [2476] setNonblockingSocket(14,1)=0
(WIN) 04:01 [2476] spawn() = 464 [5164], children(alive=1,total=1)
07/08 17:04:01.98 [5164] 1+1: (0) accepted [16] -@[10.48.91.5]mammamia:2787 (0.094s)(1)
07/08 17:04:01.98 [5164] 1+1: = (1030036530) If-Modified-Since: Thu, 22 Aug 2002 17:15:30 GMT^M
07/08 17:04:02.00 [5164] 1+1: Proxy: host=mammamia; User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322
); DIRECT
07/08 17:04:02.00 [5164] 1+1: HCKA:[0] Keep-Alive; host=mammamia; (User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .N
ET CLR 1.1.4322))
07/08 17:04:02.00 [5164] 1+1: REQUEST = GET http://www.cisco.com/swa/i/logo.gif HTTP/1.1^M
07/08 17:04:02.03 [5164] 1+1: PATH> http://www.cisco.com:80!mammamia:8080!mammamia:2787!anonymous@mammamia;1089299041
07/08 17:04:02.03 [5164] 1+1: REQUEST = (no-cache)[http://www.cisco.com:80/] GET /swa/i/logo.gif HTTP/1.1^M
07/08 17:04:02.03 [5164] 1+1: Cookie: LastSpotlight=0; CP=null*; CP_GUTC=144.254.5.4.1084962272166356
07/08 17:04:02.03 [5164] 1+1: ## hostIFto 198.133.219.25 < 10.48.91.5 (ffffff00)
07/08 17:04:02.04 [5164] 1+1: ##ViaSocks-B(by rule)## www.cisco.com:80
07/08 17:04:02.06 [5164] 1+1: ConnectToServer connected [21] {64.103.36.133:1080 <- 10.48.91.5:2793} [0.000s]
07/08 17:04:02.23 [5164] 1+1: [SocksV5-clnt] start: OK CMD=1 ATYP=1 40672485:2793
07/08 17:04:02.23 [5164] 1+1: HTTP => (www.cisco.com:80) GET /swa/i/logo.gif HTTP/1.1^M
07/08 17:04:02.40 [5164] 1+1: HTTP status: 304 Not Modified => 0/0
07/08 17:04:02.40 [5164] 1+1: No-Cache to reuse
07/08 17:04:02.40 [5164] 1+1: #HT11 NO-response-buffering: chunked mode
07/08 17:04:02.40 [5164] 1+1: #HT11 SERVER ver[HTTP/1.1] conn[keep-alive]
07/08 17:04:02.40 [5164] 1+1: #HT11 server KEEP-ALIVE
07/08 17:04:02.40 [5164] 1+1: HTTP/1.1 304 Content-{Type: Encoding:[/] Leng:0} Server:Apache/1.0 (Unix)
07/08 17:04:02.42 [5164] 1+1: #HT11 NO-BODY: remsize=16384
07/08 17:04:02.42 [5164] 1+1: HTTP transmitted: 145head+0/0body=>0txt+0bin->0/0, 5i/1o/0f/0.0
07/08 17:04:02.42 [5164] 1+1: [Cookie:LastSpotlight=0; CP=null*; CP_GUTC=144.254.5.4.1084962272166356][Set-Cookie:][Cache-Control:]
07/08 17:04:02.45 [5164] 1+1: #HT11 putServ(22/23) www.cisco.com:80
07/08 17:04:06.29 [2476] 1+0: DeleGate SERVER EXITS: caught SIGINT [2]
07/08 17:04:06.29 [2476] 1+0: Killpg(2476,15)
(WIN) 04:06 [2476] kill(-2476,15) = -1, failed GetExitCodeProcess()
07/08 17:04:06.29 [5164] 1+1/1: HTTP CS got sigTERM(2)
07/08 17:04:06.31 [2476] 1+0: Left children: 1
07/08 17:04:06.31 [2476] 1+0: FINISH.
07/08 17:04:06.31 [2476] 1+0: FINISH.

E:\delegate>





E:\delegate>dg -P8080 -v +=a
Warning: unknown parameter: P
(WIN) 05:52 [5244] setNonblockingSocket(7,1)=0
07/08 17:05:52.32 [5244] 0+0: --INITIALIZATION START: 8.9.6-pre8 on WindowsNT--
07/08 17:05:52.32 [5244] 0+0: BINSHELL=/bin/sh
07/08 17:05:52.35 [5244] 0+0: server_open(delegate,:8080,listen=20)
07/08 17:05:52.35 [5244] 0+0: server_open(delegate,:8080) BOUND
07/08 17:05:52.35 [5244] 0+0: FATAL!!!! NO DGROOT !!!!
07/08 17:05:52.35 [5244] 0+0: <DeleGate/8.9.6-pre8> [5244] -P8080 READY^M
<DeleGate/8.9.6-pre8> [5244] -P8080 READY
FATAL!!!! NO DGROOT !!!!
ADMIN=starallo@cisco.com
AIST-Product-ID: 2000-ETL-198715-01, H14PRO-049, H15PRO-165
Copyright (c) 1994-2000 Yutaka Sato and ETL,AIST,MITI
Copyright (c) 2001-2004 National Institute of Advanced Industrial Science and Technology (AIST)
07/08 17:05:52.39 [5244] 0+0: PORT= 8080/8 (31,144)
07/08 17:05:52.40 [5244] 0+0: OWNER=nobody => OWNER=?/?(?/?)
07/08 17:05:52.40 [5244] 0+0: REMITTABLE = http,https/{80,443},ftp
07/08 17:05:54.43 [5244] 0+0: {R} *1 q=1,a=0, s=1,r=0 (2s)
07/08 17:05:55.73 [5244] 0+0: {R} *1 q=1,a=0, s=1,r=0 (0s)
07/08 17:05:55.79 [5244] 0+0: PATH: gzip -> C:\PROGRA~1\CSCOpx\bin\gzip.exe
07/08 17:05:55.79 [5244] 0+0: #### gzip = [C:\PROGRA~1\CSCOpx\bin\gzip.exe]gzip
07/08 17:05:55.81 [5244] 0+0: #### gunzip = [C:\PROGRA~1\CSCOpx\bin\gzip.exe]gzip -d
07/08 17:05:55.81 [5244] 0+0: ADMIN=starallo@cisco.com protocol=delegate
07/08 17:05:55.87 [5244] 0+0: #### stack size limit = FFFFFFFF (-1)
07/08 17:05:55.89 [5244] 0+0: Stay open PIDFILE for accept() lock[fd=12]
07/08 17:05:55.89 [5244] 0+0: env[35] LIBPATH=.;E:\delegate;/var/spool/delegate/lib;.;/var/spool/delegate/etc
07/08 17:05:55.90 [5244] 0+0: ext[0] P=8080
07/08 17:05:55.90 [5244] 0+0: ext[1] ADMIN=starallo@cisco.com
07/08 17:05:55.90 [5244] 0+0: ext[2] RESOLV=cache,file,dns
07/08 17:05:55.92 [5244] 0+0: ext[3] CONNECT=cache,socks:*:*:*
07/08 17:05:55.92 [5244] 0+0: ext[4] SOCKS=proxy-ams-1.cisco.com:1080
07/08 17:05:55.92 [5244] 0+0: ext[5] REMITTABLE=http,https/{80,443},ftp
07/08 17:05:55.93 [5244] 0+0: ext[6] AUTH=admin:*:calo@-calo
07/08 17:05:55.93 [5244] 0+0: ext[7] PERMIT=http,https:*.microsoft.com,*.windowsupdate.com,*.cisco.com
07/08 17:05:55.95 [5244] 0+0: ext[8] PERMIT=http:*.mtuci.ru,*.akamai.net,*.nai.com,*.mcafee.com,*.sun.com,*.perl.com,*.easynet.be,*.
freedb.com,*.roxio.com,*.cddb.com,*.delegate.org
07/08 17:05:55.95 [5244] 0+0: ext[9] PERMIT=ftp:wwwin-gog.cisco.com
07/08 17:05:55.96 [5244] 0+0: ext[10] RELIABLE=10.48.64.0/19
07/08 17:05:55.96 [5244] 0+0: ext[11] AUTHORIZER=-list{guest:guest}:http,https:!*.microsoft.com,!*.cisco.com,!*.windowsupdate.com:*
07/08 17:05:55.96 [5244] 0+0: ext[12] AUTHORIZER=-list{guest:guest}:http,https:!*.repubblica.it:*
07/08 17:05:55.98 [5244] 0+0: DELEGATE_Modified[1]: 40ed62d3
07/08 17:05:56.00 [5244] 0+0: --INITIALIZATION DONE: 8.9.6-pre8 on WindowsNT--
(WIN) 05:56 [5244] setNonblockingSocket(16,1)=0
(WIN) 06:03 [5244] spawn() = 536 [2600], children(alive=1,total=1)
07/08 17:06:04.10 [2600] 1+1: (0) accepted [18] -@[10.48.91.5]mammamia:2823 (0.094s)(1)
07/08 17:06:04.14 [2600] 1+1: = (1030036530) If-Modified-Since: Thu, 22 Aug 2002 17:15:30 GMT^M
07/08 17:06:04.15 [2600] 1+1: Proxy: host=mammamia; User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322
); DIRECT
07/08 17:06:04.17 [2600] 1+1: HCKA:[0] Keep-Alive; host=mammamia; (User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .N
ET CLR 1.1.4322))
07/08 17:06:04.18 [2600] 1+1: REQUEST = GET http://www.cisco.com/swa/i/logo.gif HTTP/1.1^M
07/08 17:06:04.25 [2600] 1+1/1: HCKA:[1] closed -- a:proxy authentication required
07/08 17:06:04.28 [2600] 1+1/1: disconnected [18] -@[10.48.91.5]mammamia:2823 (0.266s)(0)
mammamia - - [08/Jul/2004:17:06:04 +0100] "GET http://www.cisco.com/swa/i/logo.gif HTTP/1.1" 407 664 0*0.000+0.000:A:0a



P=8080
ADMIN=starallo@cisco.com	
RESOLV=cache,file,dns
CONNECT="cache,socks:*:*:*" 
SOCKS=proxy-ams-1.cisco.com:1080
REMITTABLE="http,https/{80,443},ftp"
AUTH="admin:*:calo@-calo"
PERMIT="http,https:*.microsoft.com,*.windowsupdate.com,*.cisco.com"
PERMIT="http:*.mtuci.ru,*.akamai.net,*.nai.com,*.mcafee.com,*.sun.com,*.perl.com,*.easynet.be,*.freedb.com,*.roxio.com,*.cddb

com,*.delegate.org"
PERMIT="ftp:wwwin-gog.cisco.com"
RELIABLE=10.48.64.0/19
AUTHORIZER="-list{guest:guest}:http,https:!*.microsoft.com,!*.cisco.com,!*.windowsupdate.com:*"
AUTHORIZER="-list{guest:guest}:http,https:!*.repubblica.it:*"









  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V