Re: [squid-users] Squid and Mirrored Router Ports

From: Neil A. Hillard <neil.hillard@dont-contact.us>
Date: Tue, 17 Apr 2007 13:19:12 +0100

Hi,

Edward C. Jakosalem wrote:
>> tis 2007-04-17 klockan 20:55 +1000 skrev Edward C. Jakosalem:
>>
>>> I have posted this same problem before but I want to post it again
>>> because
>>> I am pressured to make this work with Squid. I know that Squid's use is
>>> either an accelerator or proxy or both. But we want Squid to _only_
>>> capture web traffic and log them, that's all. As such, I have configured
>>> my server to act as transparent proxy.
>> I don't quite get what you are trying to do here.. Do you want Squid to
>> act as a transparent proxy by intercepting port 80 traffic and have it
>> redirected to Squid, or do you just want to audit the port 80 traffic
>> without actually touching the packets by just listening on a switch
>> mirror/monitor port?
>
> I actully just need squid to act as transparent proxy so I can log
> traffic. I don't care how squid will do this, I just need the logs. And
> the reason why we use the mirrored port is that we don't want browsing
> affected in case this server goes down.

So you want Squid to be in the path but don't want it to affect anything
if it goes down? That can't be done, unless you can use WCCP to ignore
it if it's down. Never played with WCCP so I don't know if it's
possible. I've always 'done the right thing' and told my browsers about
the proxy!

>> The first can be done by Squid, and any of the interception methods will
>> work. WCCP, Policy routing etc..
>>
>> The second is not a job for Squid. You need a packet analyzer/auditor
>> for this. There is quite many different ones depending on what you are
>> looking for..
>
> We specifically need the Squid log format that's why we want to make this
> work with squid. My boss doesn't want it any other way. :-(

Why must he have Squid format logs? What's his business reason for
having to have them in that format?

Squid is probably the wrong tool for the job and won't work how you've
got it set up now so why not look around at other tools that are
designed for the job?

HTH,

                                Neil. 

-- 
Neil Hillard                    neil.hillard@agustawestland.com
AgustaWestland                  http://www.whl.co.uk/
Disclaimer: This message does not necessarily reflect the
            views of Westland Helicopters Ltd.
Received on Tue Apr 17 2007 - 06:19:23 MDT

This archive was generated by hypermail pre-2.1.9 : Tue May 01 2007 - 12:00:01 MDT