[squid-users] Warning: ACL is used in context without an HTTP response
alexandrei5691 at gmail.com
Wed Sep 25 15:07:41 UTC 2019
On 25/09/2019 15:29, Alex Rousskov wrote:
> On 9/25/19 7:12 AM, Alessandro Andrei wrote:
>> My access_log file il flooded with messages that I do not want to see
>> 1) CONNECT vortex-win.data.microsoft.com
>> 2) TCP_DENIED/407
>> So I created two ACLs to exclude them from logging and applied it to my access log
>> acl AuthRequest http_status 407
>> acl excludefromlog dstdomain .vortex-win.data.microsoft.com
>> access_log stdio:/var/log/squid/access.log logformat=squid !AuthRequest !excludefromlog
> FYI: If you have two unwanted record kinds (one CONNECT and one
> TCP_DENIED/407), then you should use a different rule to block _each_
> record kind. The current rule only blocks logging of records that match
> _both_ conditions. Look for any-of ACL.
Of course, silly me!
acl AuthResponse407 http_status 407
acl excludefromlog dstdomain .vortex-win.data.microsoft.com
acl DoNotLog any-of AuthResponse407 excludefromlog
access_log stdio:/var/log/squid/access.log logformat=squid !DoNotLog
>> but isn't there a way to avoid all this?
> You can try patching your Squid or testing the fixed version. The former
> may be difficult if you are not running master-based code (future v5).
I'm running version 3.5.20, the one that is installed by default with
Centos 7 repos
I guess I should download and compile version 4.8...
> You may also be able to avoid the WARNING if you adjust the rule to
> check the "has response" condition before checking AuthRequest. Look for
> the "has" ACL. However, you would have to decide whether to log all
> records that lack responses. If any of those responses are absent due to
> Squid bugs, your decision, whatever it is, may be incorrect in some cases.
OK, if I get it correctly the "has" ACL requires version 4, so I DO have
Anyway it's not clear to me how this check should be done in my
More information about the squid-users