[squid-users] Problem with ACL in access_log directive from Francis GASCHET on 2010-12-22 (squid-users)

From: Francis GASCHET <fg_at_numlog.fr>
Date: Wed, 22 Dec 2010 10:34:33 +0100

Hello,

We recently had to upgrade a proxy server from Debian 4 to Debian 5 and
installed Squid 2.7 :
#squid -v
Squid Cache: Version 2.7.STABLE3
configure options: '--prefix=/usr' '--exec_prefix=/usr'
'--bindir=/usr/sbin' '--sbindir=/usr/sbin' '--libexecdir=/usr/lib/squid'
'--sysconfdir=/etc/squid' '--localstatedir=/var/spool/squid'
'--datadir=/usr/share/squid' '--enable-async-io' '--with-pthreads'
'--enable-storeio=ufs,aufs,coss,diskd,null' '--enable-linux-netfilter'
'--enable-arp-acl' '--enable-epoll' '--enable-removal-policies=lru,heap'
'--enable-snmp' '--enable-delay-pools' '--enable-htcp'
'--enable-cache-digests' '--enable-underscores' '--enable-referer-log'
'--enable-useragent-log' '--enable-auth=basic,digest,ntlm,negotiate'
'--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-carp'
'--enable-follow-x-forwarded-for' '--with-large-files'
'--with-maxfd=65536' 'i386-debian-linux' 'build_alias=i386-debian-linux'
'host_alias=i386-debian-linux' 'target_alias=i386-debian-linux'
'CFLAGS=-Wall -g -O2' 'LDFLAGS=' 'CPPFLAGS='

With Squid 2.6 we used multiple access_log directives, based on
different ACLs and it worked fine.
Since we installed the 2.7 version it looks broken : as soon as I put an
ACL, requests are no more logged. I tried with and without the module:
same result. i tried also the 2 syntaxes for net mask...
access_log stdio:/var/log/squid/access.log squid : this is OK (if
log_access is not defined)
access_log stdio:/var/log/squid/access.log squid NORD : this doesn't
work. Indeed the ACL NORD is declared and listed in log_access. No error
when I reload the configuration.

Thereafter is the configuration I would like to get running:
acl SUD src 192.168.3.0/24 192.168.192.0/24
acl NORD src 192.168.5.0/24 192.168.82.0/24
acl NML src 1.1.1.1/255.255.255.255
access_log stdio:/var/log/squid/sud.log squid SUD
access_log stdio:/var/log/squid/access.log squid NORD
access_log stdio:/var/log/squid/access.log squid NML
log_access allow SUD NORD NML

Thanks in advance for help.

-- 
Francis GASCHET / NUMLOG
http://www.numlog.fr
Tel.: +33 (0) 130 791 616
Fax.: +33 (0) 130 819 286

Received on Wed Dec 22 2010 - 09:35:19 MST

This archive was generated by hypermail 2.2.0 : Wed Dec 22 2010 - 12:00:03 MST