Re: Logging

Date: Tue, 13 Jan 1998 14:59:41 -0300 (ARST)

Hi Ryan!

You can force the use of the proxy cache implementing an outgoing access
list in your Cisco. At least we are doing this with some nets and it works
I suppose the syntax depends on the model you have got. Anyway, these are
the commands to configure a list in Cisco 2511:
no access-list [list number]
access-list [list number] deny tcp [net address] [netmask] any eq 80
access-list [list number] permit tcp any any
access-list [list number] permit udp any any
access-list [list number] permit icmp any any

Then, you have to declare this list in the correspondant interface.



On Tue, 13 Jan 1998, Ryan Matteson wrote:

> I have been reading all the docs and scripts on the access.log
> file and was wondering if anyone has written a script to parse
> the file based on IP address and domains or IP's that host has
> hitten. My boss wishes to log all incoming and outgoing xfers to
> see who is "wasting" his time on the net by looking at a
> formattted list. I could write it in Perl but why bother if such
> a script exists. Calamari works good but need the stats I just
> said. Also, is it possbile to get this configuration on a network
> INTERNAL Network ------ Squid Cache ----- Router
> and force everyone to go through the squid cache. As it stands
> now users can point to the router and avoid the squid cache
> completely which negates our logging features and the point of
> using the cache to reduce traffic. I assume you could add a rule
> to the Cisco Router and allow outgoing packets from only the
> Squid cache IP address but am not sure how that would be done.
> Any info would be very much apprecaited...Thanks again
> Ryan
Received on Tue Jan 13 1998 - 10:05:37 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:24 MST