[squid-users] [ext] Re: Log resolved IP somehow?
Ralf Hildebrandt
Ralf.Hildebrandt at charite.de
Tue Jun 18 14:20:20 UTC 2019
* Amos Jeffries <squid3 at treenet.co.nz>:
> Or,
> its IPv6 is listed.
No ipv6 here.
> Or,
> your test was done from a different machine than the one running Squid.
Nope.
> Or,
> the DNS query packet arrived at Akamai via a different DNS recursive
> resolver this time.
Could be
> Or,
> the Internet route between your network and Akamai DNS changed slightly.
Unlikely, but possible.
> (Don't we all love query-dependent DNS responses.)
:D
> > How can I log the IP "trx.adscale.de" resolved to when the rejection happened?
> >
>
> Your DNS resolver logs should contain that info.
I could indeed log that. Don't know if I'm doing that right now, but
probably not.
> If the check is close to the transaction time, then your Squid ipcache
> manager report should list all the IPs that domain has.
>
> Other than that, your best bet would be the debug trace of what ACLs are
> matching. "debug_options 28,4" should do it.
Well, I do know which ACL is matching, just not which line.
I'll go for the query log.
--
Ralf Hildebrandt Charite Universitätsmedizin Berlin
ralf.hildebrandt at charite.de Campus Benjamin Franklin
https://www.charite.de Hindenburgdamm 30, 12203 Berlin
Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155
More information about the squid-users
mailing list