[squid-users] Reverse DNS Lookup for client IPs

Amos Jeffries squid3 at treenet.co.nz
Sat Feb 13 07:18:05 UTC 2016


On 13/02/2016 10:15 a.m., Stefan Hölzle wrote:
> I have some new insight:
> The following line triggers the unwanted client ip ptr lookup:
> 
> ./src/client_side.cc:3590:
> fqdncache_gethostbyaddr(clientConnection->remote, FQDN_LOOKUP_IF_MISS);
> Source package:
> http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.10.tar.gz
> 
> This line should only be called if Config.onoff.log_fqdn is 1.
> 
> Unfortunately Config.onoff.log_fqdn is set to 1:
> squid-3.5.10 :) $ grep -rni Config.onoff.log_fqdn .
> ./src/format/Token.cc:507:        Config.onoff.log_fqdn = 1;
> ./src/client_side.cc:3081:        if (Config.onoff.log_fqdn)
> ./src/client_side.cc:3184:    if (Config.onoff.log_fqdn)
> ./src/client_side.cc:3589:    if (Config.onoff.log_fqdn)
> ./src/log/FormatSquidIcap.cc:34:        if (Config.onoff.log_fqdn)
> 
> Config.onoff.log_fqdn is only set to 1 if ">A" is contained in a
> logformat. We only use default logformats.
> 
> There are only two configuration directives with a default logformat
> %macro containing the string ">A":
> url_rewrite_extras and store_id_extras
> 
> We don't use these directives.
> 


Aha. Good catch. Sorry I missed that. There is no config fix for this
one I'm afraid. The damage is already done before squid.conf gets started.

To avoid the PTR being triggered you will have to alter the "DEFAULT:"
lines in src/cf.data.pre corresponding to those directives and rebuild.

The current behaviour is for backward compatibility with old squid.conf
using ancient helpers. Far too many people still using squidguard for
example, and nobody knows how many outdated custom ones. So patches
welcome, but they will have to retain that back-compat property.

Amos
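
An added example, not part of the original message or of Squid's own code: a check that lists which directives in a cf.data.pre-style file have a "DEFAULT:" line containing the %>A code, i.e. the lines that would need altering before a rebuild. The sample text, the directive name example_extras, and the modifier pattern are assumptions made for illustration.

```python
import re

# Simplified match for the %>A logformat code with optional modifiers
# (assumption: one quoting flag, '-', width, precision, {arg}).
PTR_TOKEN = re.compile(r"%[\"\[#'/]?-?\d*(?:\.\d+)?(?:\{[^}]*\})?>A")

def directives_with_ptr_default(cf_text):
    """Map directive name -> DEFAULT values that contain %>A."""
    hits = {}
    name = None
    in_doc = False
    for line in cf_text.splitlines():
        if line.startswith("DOC_START"):
            in_doc = True
        elif line.startswith("DOC_END"):
            in_doc = False
        elif in_doc:
            continue  # documentation may mention %>A without enabling it
        elif line.startswith("NAME:"):
            fields = line.split()[1:]
            name = fields[0] if fields else None  # first name, aliases follow
        elif line.startswith("DEFAULT:") and name:
            value = line[len("DEFAULT:"):].strip()
            if PTR_TOKEN.search(value):
                hits.setdefault(name, []).append(value)
    return hits

# Constructed sample in the NAME:/DEFAULT:/DOC_START layout; the format
# strings are illustrative, not copied from the Squid source tree.
SAMPLE = '''\
NAME: url_rewrite_extras
DEFAULT: "%>a/%>A %un"
DOC_START
	Extra fields passed to the helper.
DOC_END

NAME: store_id_extras
DEFAULT: "%>a/%>A %un"
DOC_START
DOC_END

NAME: example_extras
DEFAULT: "%>a %un"
DOC_START
	Hypothetical directive; this text mentions %>A but the default does not.
DOC_END
'''

if __name__ == "__main__":
    for directive, values in directives_with_ptr_default(SAMPLE).items():
        print(directive, values)
```

To run it against a real tree, pass the contents of src/cf.data.pre to directives_with_ptr_default() instead of SAMPLE.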


