Re: [squid-users] Writing a access_log for an acl user doesnt work!

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 27 Oct 2009 19:48:59 +1300

Andres Salazar wrote:
>> You say "other requests" ... do you mean these ones are not? thats a
>> problem with squid not even receiving the requests.
>
> With other requestsm i meant every single request from all users and all IPs.
>

Okay.

>> All I can think of is a wild guess that maybe something will change if the
>> jp log line goes above the general one in Squid-2.
>> The result is _supposed_ to be logged to all logs with ACL that permit
>> logging, however I'm not certain of that since the logdaemon changes in
>> 2.7.
>
> I have tried this, even taking out the general log and leaving only
> this one. No luck.
>

Weird. src is the one ACL datum _guaranteed_ to be present and usable in
all access lists of a working Squid.

You are not doing NAT or something outside Squid before the packets arrive?

Now that the user is being logged successfully what does a row of the
log look like?

Amos

>>> /var/squid/logs/access.log
>>>
>>> Ive tried logging based on mac address (yes iam on the same subnet),
>>> and also as src IP. No go, I have spent hours on this.
>>>
>>> Using squid-2.7.STABLE6 .. I just tested the config file on a totally
>>> different box still no go. I tried chmoding 777 /var/squid/logs and
>>> its files and no luck.
>>>
>>> What else could I do?
>>>
>>> --Matt
>>>
>>> On Mon, Oct 26, 2009 at 9:16 PM, Amos Jeffries <squid3_at_treenet.co.nz>
>>> wrote:
>>>> On Mon, 26 Oct 2009 18:59:27 -0500, Matthew Young
>> <myoung24866_at_gmail.com>
>>>> wrote:
>>>>> Hello Guys,
>>>>>
>>>>> Ive been quite some time figuring out why this doesnt work. Iam sure
>>>>> that my user (me) is on the same LAN and does have that IP.
>>>> Looks right to me as well. Is the other general access.log getting the
>>>> requests? should be logged to both under that config.
>>>> If not then the requests may not be entering Squid at all...
>>>>
>>>>>
>>>>> acl jp src 172.16.2.35
>>>>> access_log /var/squid/logs/access_jp.log squid jp
>>>>>
>>>>> Below is my complete config..
>>>>>
>>>>> Please somebody shed some light.. Thanks..!!
>>>>>
>>>>> - Matt
>>>>>
>>>>> acl all src all
>>>>> acl manager proto cache_object
>>>>> acl localhost src 127.0.0.1/32
>>>>> acl to_localhost dst 127.0.0.0/8
>>>>> acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
>>>>> acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
>>>>> acl SSL_ports port 443 # RFC1918 possible internal network
>>>>> acl Safe_ports port 80
>>>>> acl Safe_ports port 21 # http
>>>>> acl Safe_ports port 443 # ftp
>>>>> acl Safe_ports port 70 # https
>>>>> acl Safe_ports port 210 # gopher
>>>>> acl Safe_ports port 1025-65535 # wais
>>>>> acl Safe_ports port 280 # unregistered ports
>>>>> acl Safe_ports port 488 # http-mgmt
>>>>> acl Safe_ports port 591 # gss-http
>>>>> acl Safe_ports port 777 # filemaker
>>>>> acl CONNECT method CONNECT # multiling http
>>>>> acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
>>>>> http_access allow manager localhost
>>>>> http_access allow localnet
>>>>> http_access deny manager
>>>>> http_access deny !Safe_ports
>>>>> http_access deny CONNECT !SSL_ports
>>>>> http_access allow all
>>>>> icp_access allow localnet
>>>>> icp_access deny all
>>>>> http_port 8080
>>>>> hierarchy_stoplist cgi-bin ?
>>>>> cache_dir null /dev/null
>>>>> access_log /var/squid/logs/access.log
>>>>> refresh_pattern ^ftp: 1440 20% 10080
>>>>> refresh_pattern ^gopher: 1440 0% 1440
>>>>> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
>>>>> refresh_pattern . 0 20% 4320
>>>>> acl apache rep_header Server ^Apache
>>>>> acl jp src 172.16.2.35
>>>>> access_log /var/squid/logs/access_jp.log squid jp
>>>>> upgrade_http0.9 deny shoutcast
>>>>> via on
>>>>> broken_vary_encoding allow apache
>>>>> cache_effective_user _squid
>>>>> cache_effective_group _squid
>>>>> max_filedescriptors 5024
>>>>> coredump_dir /var/squid/cache
>>>> Amos
>>>>

-- 
Please be using
   Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19
   Current Beta Squid 3.1.0.14
Received on Tue Oct 27 2009 - 06:49:12 MDT

This archive was generated by hypermail 2.2.0 : Tue Oct 27 2009 - 12:00:03 MDT