# SQUID shows the wrong time?

## NotExcessive

I've got SQUID set up as a proxy server, and have a couple of machines on an access control list in terms of what hours they're allowed to connect. Everything works fine except for the day-and-time access control. When I try to connect during the allowed period, it comes back with an access denied page, and the time of the page is exactly 10 hours prior to the actual time. In other words, if it's 2100 hours, the page comes back as being generated at 1100 hours - and this is outside of the time permitted by the ACL of course.

This is also, funnily enough, the GMT offset for my city (we're at GMT +10).

I've checked the system and hardware clocks under Webmin and they are indeed correct and in agreement, so where is SQUID getting this time value from?

----------

## think4urs11

*edit* deleted plain wrong answer to not confuse anybody...

----------

## NotExcessive

It does??? Bugger - what a silly thing.

----------

## think4urs11

mhh, not really

think about a setup where a proxy works in an environment which covers various timezones and/or you need to correlate various proxy logfiles from different timezones.

----------

## Janne Pikkarainen

I beg to differ. If I remember right, only the error pages returned by Squid ("You are not allowed to surf at this time") are by default configured to return time in GMT. That can be changed by modifying error templates and changing %T to %t or so. 

All the other time-related information, such as time ACL rules, are handled in local time. You only need to make sure Squid really knows in what time zone it's located; /etc/localtime should be enough, but Squid can also be instructed via a TZ environment variable, which also contains the time zone. 

At least this was Squid's behaviour couple of major versions back, I don't know if it's changed in Squid 2.5 or 2.6.

----------

## NotExcessive

Fair enough.

----------

## think4urs11

 *Janne Pikkarainen wrote:*   

> I beg to differ. If I remember right, only the error pages returned by Squid ("You are not allowed to surf at this time") are by default configured to return time in GMT. That can be changed by modifying error templates and changing %T to %t or so. 
> 
> All the other time-related information, such as time ACL rules, are handled in local time. You only need to make sure Squid really knows in what time zone it's located; /etc/localtime should be enough, but Squid can also be instructed via a TZ environment variable, which also contains the time zone. 
> 
> At least this was Squid's behaviour couple of major versions back, I don't know if it's changed in Squid 2.5 or 2.6.

 

uhhmm   :Embarassed: 

looks like you're right. I've all my proxies on GMT and didn't use time-based acls for a long time so i'm more or less used to convert the times 'brain-internal'....

added a note to the post above.

----------

