Hi, We have a strange problem with overlap in logs files. We have a squid 3 with NTLM authentication. The problems is that sometime we detect that a mistake in the username of logs files. USER1 have the IP 192.168.4.49 and the USER2 have the 192.168.3.26. The first lines are normal and we detect a change of username in the last line.
... 192.168.4.49 - USER1 [09/Oct/2008:17:54:10 +0200] "GET http://www..... " 404 6851 TCP_MISS:NONE 192.168.3.26 - USER2 [09/Oct/2008:17:54:29 +0200] "GET http://192.168.10..."; 200 7499 TCP_REFRESH_MODIFIED:NONE 192.168.3.26 - USER2 [09/Oct/2008:17:54:30 +0200] "GET http://192.168.10..."; 200 12202 TCP_MISS:NONE... ... 192.168.4.49 - - [09/Oct/2008:17:54:31 +0200] "CONNECT xxxxxx:443 HTTP/1.0" 407 2299 TCP_DENIED:NONE 192.168.4.49 - - [09/Oct/2008:17:54:31 +0200] "CONNECT xxxxxx:443 HTTP/1.0" 407 2622 TCP_DENIED:NONE 192.168.4.49 - - [09/Oct/2008:17:54:31 +0200] "CONNECT xxxxxx:443 HTTP/1.0" 407 2299 TCP_DENIED:NONE 192.168.4.49 - - [09/Oct/2008:17:54:31 +0200] "CONNECT xxxxxx:443 HTTP/1.0" 407 2622 TCP_DENIED:NONE 192.168.3.26 - USER1 [09/Oct/2008:17:54:34 +0200] "GET http://192.168.10... " 200 18130 TCP_MISS:NONE ... Thanks for all, Ivo
