[squid-users] Tagged ACLs?

Ralf Hildebrandt Ralf.Hildebrandt at charite.de
Sat May 20 16:07:09 UTC 2017

Currently we're using a few blacklists (from abuse.ch) as ACLs on our
squid installation.

This is working well, but we want to create statistics on how many
clients were "caught" trying to access blocked sites.

Currently, we're grepping the log for TCP_DENIED in conjunction with the
patterns from the ACLs. This is working somewhat OK, but if access was
blocked using a pettern that was in use when the client tried to
access and was subsequently removed (prior to the time of the log
analysis process), it won't be found...

Is there any way around this? Like "tagging" rejects or logging the
ACL that caused the rejection? (Using squid-5 HEAD here)

Ralf Hildebrandt                   Charite Universitätsmedizin Berlin
ralf.hildebrandt at charite.de        Campus Benjamin Franklin
https://www.charite.de             Hindenburgdamm 30, 12203 Berlin
Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155

More information about the squid-users mailing list