On 06/12/2011 01:28 AM, Amos Jeffries wrote:
> On 21/05/11 12:28, Amos Jeffries wrote:
>> On 21/05/11 03:58, Alex Rousskov wrote:
>>> On 05/20/2011 08:56 AM, Amos Jeffries wrote:
>>>> I'm now looking at adding %Sf code to log the handling flags Squid
>>>> works
>>>> with for modes etc.
>>>>
>>>> Anyone have ideas on exact what to put in the log?
>>>> coded characters? (one, two, a whole word?)
>>>
>>> Can you give a few examples of what you call the handling or state
>>> flags?
>>
>> src/HttpRequestFlags.h
>>
>> The "mode" and type ones (accel, tproxy/spoof, intercepted, transparent,
>> sslbump, internal, ims, range) and the major behaviour indicators
>> (redirected, cacheable, nocache, ignore_cc, auth, loopdetect,
>> chunked_reply, stale, adapted).
>>
>> Thats probably no all we will want to log, but the ones that stand out
>> right now as needing a mention.
>>
>> Amos
>
> I've broken that into three groups. One about the traffic "mode" type,
> one about what we do during HTTP handling, and one about what happens
> durign teh optionl adaptations.
>
> Going through the list of things done and flags floating around. Also
> assuming one character per flag I get this:
>
>
> BNF form:
>
> squid-flags ::= port-mode '-' http-alt [ '-' adapts ]
>
> port-mode ::= 'P' [ 'a' | 'f' | 'I' | 'i' | 's' | 't' | 'z' ]
>
> http-alt ::= 'H' [ 'l' | 'm' | 'o' | 'r' | 'u' | 'z' ]+
>
> adapts ::= 'A' [ 'E' | 'e' | 'i' | 's' | 'w' | 'x' | 'z' ]+
>
>
>
> port-mode tags meaning:
>
> a - accel / reverse
> f - default / forward
> I - internal request
> i - interception (NAT)
> s - spoofing (TPROXY)
> t - transparent (HTTP definition)
> z - encrypted traffic
It does not matter for now, but I think these should be documented using
specific squid.conf examples. Otherwise, it is not 100% clear (to me
anyway) that they are mutually exclusive and what some of them really mean.
I would also allow multiple flags for port-mode because a single
http_port may have multiple attributes/modes that apply to the same
transaction.
> http-alt tags meaning:
>
> l - loop detected
> m - HTTP mangling adaptations (non-violation changes)
> o - ignore client Cache-Control
> r - HTTP Redirect by Squid (not by origins)
> u - HTTP Upgrade (1.0->1.1 required changes, etc)
> v - HTTP protocol violation
> z - HTTP transfer encoding mux (chunking etc)
All of the above seem optional. Let's make this group of state flags
optional, just like adaptation flags below. I would also generalize the
format so that more groups can be added in the future:
squid-flags ::= flags-group [ '-' flags-group ]*
flags-group ::= port-flags | http-flags | adapt-flags | other-flags
...
> adapts tags meaning:
>
> E - ESI constructed reply
> e - eCAP adapted
> i - ICAP adapted
> s - SSL bump
> w - URL re-write
> x - cross-protocol gateway (FTP->HTTP, Gopher->HTTP, etc)
> z - encrypted / decrypted (ie gzip)
For eCAP and ICAP, should we distinguish REQMOD from RESPMOD?
I do not want to fight over specific flag placements, but please try to
better define what each group means (or what it is for). A more precise
and detailed definition will help those who want to add new flags or new
groups.
Finally, we may want to reserve "+" or a similar symbol to be used for
multi-letter flags when we run out of single symbols or decide we want
to log more than just flags.
Thank you,
Alex.
Received on Wed Jun 15 2011 - 20:32:36 MDT
This archive was generated by hypermail 2.2.0 : Thu Jun 16 2011 - 12:00:04 MDT