Re: [squid-users] Problem with ACL in access_log directive from Amos Jeffries on 2010-12-22 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 23 Dec 2010 02:23:51 +1300

On 22/12/10 22:34, Francis GASCHET wrote:
> Hello,
>
> We recently had to upgrade a proxy server from Debian 4 to Debian 5 and
> installed Squid 2.7 :
> #squid -v
> Squid Cache: Version 2.7.STABLE3
> configure options: '--prefix=/usr' '--exec_prefix=/usr'
> '--bindir=/usr/sbin' '--sbindir=/usr/sbin' '--libexecdir=/usr/lib/squid'
> '--sysconfdir=/etc/squid' '--localstatedir=/var/spool/squid'
> '--datadir=/usr/share/squid' '--enable-async-io' '--with-pthreads'
> '--enable-storeio=ufs,aufs,coss,diskd,null' '--enable-linux-netfilter'
> '--enable-arp-acl' '--enable-epoll' '--enable-removal-policies=lru,heap'
> '--enable-snmp' '--enable-delay-pools' '--enable-htcp'
> '--enable-cache-digests' '--enable-underscores' '--enable-referer-log'
> '--enable-useragent-log' '--enable-auth=basic,digest,ntlm,negotiate'
> '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-carp'
> '--enable-follow-x-forwarded-for' '--with-large-files'
> '--with-maxfd=65536' 'i386-debian-linux' 'build_alias=i386-debian-linux'
> 'host_alias=i386-debian-linux' 'target_alias=i386-debian-linux'
> 'CFLAGS=-Wall -g -O2' 'LDFLAGS=' 'CPPFLAGS='
>
>
> With Squid 2.6 we used multiple access_log directives, based on
> different ACLs and it worked fine.
> Since we installed the 2.7 version it looks broken : as soon as I put an
> ACL, requests are no more logged. I tried with and without the module:
> same result. i tried also the 2 syntaxes for net mask...
> access_log stdio:/var/log/squid/access.log squid : this is OK (if
> log_access is not defined)
> access_log stdio:/var/log/squid/access.log squid NORD : this doesn't
> work. Indeed the ACL NORD is declared and listed in log_access. No error
> when I reload the configuration.
>
>
> Thereafter is the configuration I would like to get running:
> acl SUD src 192.168.3.0/24 192.168.192.0/24
> acl NORD src 192.168.5.0/24 192.168.82.0/24
> acl NML src 1.1.1.1/255.255.255.255
> access_log stdio:/var/log/squid/sud.log squid SUD
> access_log stdio:/var/log/squid/access.log squid NORD
> access_log stdio:/var/log/squid/access.log squid NML
> log_access allow SUD NORD NML

The log_access line tells Squid to only log when the src IP is in all
three of the non-overlapping ranges.

You need to write it:
   log_access allow SUD
   log_access allow NORD
   log_access allow NML
   log_access deny all

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.9
   Beta testers wanted for 3.2.0.3

Received on Wed Dec 22 2010 - 13:24:00 MST

This archive was generated by hypermail 2.2.0 : Wed Dec 22 2010 - 12:00:03 MST