Sherwood Botsford wrote:
> I have various ACL's based either on hostname (banned sites), time,
> browsers, etc.
> Some of these are applied to everyone, some are applied to specific
> machines, or groups of machines
>
> Trouble is if I have multiple filters that use the same group of
> machines, cache log reports, "2006/11/23 12:06:40| The request GET
> http://www.kjdhendieldiouyu.com:80/ .. is DENIED, because it matched
> 'lab'
>
> But I have 6 filters that use lab as a host group.
>
> Is there any way to log the ACL as well as the host group?
>
> Workaround: Defining the same group of machines multiple times so that
> each filter rule uses a unique host group. Yuck.
>
> I wish that I could also see the IP or hostname of the requesting ID
> too in the cache log file. (E.g. If I can see WHO was considered to
> be in WHAT host group, and was denied access by WHICH acl it would
> help. Right now to get the who, I have to match requests between the
> access log and the cache log.)
>
> Or maybe I'm going about this all wrong.
>
Denied entries are logged (and error messages are displayed) based on
the last acl of an http_access rule. The access rule...
...will show the deny message for the acl "lab" (which just goes to
show, my answer to your other question was, while accurate, misplaced).
Switch the order of the acls, like...
http_access deny lab browsers.bad
...and the error message for "browsers.bad" will be displayed, and logged.
Chris
Received on Fri Nov 24 2006 - 14:39:29 MST
This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST