[squid-users] unique access.log for specific ACLs
Alex Rousskov
rousskov at measurement-factory.com
Mon Apr 9 16:18:24 UTC 2018
On 04/09/2018 08:10 AM, Joey Officer wrote:
> Apologies if this has been covered before, but I could not find an
> archived discussion on the same topic. Is it possible to assign a
> unique log file output to a specific ACL?
Yes, it is. See your own example below for a sketch.
> acl isf_blacklist dstdom_regex "/etc/squid/block.txt"
> access_log daemon:/var/log/squid/blocked.log isf_blacklist
> http_access deny isf_blacklist
> deny_info TCP_RESET isf_blacklist
However, please note that ACLs are evaluated in a particular directive
context so their evaluation results may change even within one HTTP
transaction scope. For example, a given ACL that did not match in
http_access rules may match when access_log rules are evaluated. There
was a more detailed discussion about that a few days ago:
http://lists.squid-cache.org/pipermail/squid-users/2018-April/018017.html
HTH,
Alex.
More information about the squid-users
mailing list