[squid-users] Client IP PTR lookup on connect

Amos Jeffries squid3 at treenet.co.nz
Sun May 17 10:36:18 UTC 2020


On 14/05/20 1:44 am, Michal Bruncko wrote:
> Hello guys
> 
> following the original thread "[squid-users] Squid 4.9 Client IP PTR
> lookup on connect"
> 
> I am observing exactly the same behaviour on
> squid-4.4-8.module_el8.1.0+197+0c39cdc8.x86_64 on CentOS 8.

Certainly 4.4 is older than 4.9.


> At first I was suspecting some squid module (auth helper
> (gssapi/ntlm/basic), URL rewriter) or syslog (which we use for sending
> access logs to remote server) but those DNS queries are coming directly
> from squid process (same as the one doing standard forward DNS lookups).

The URL-rewriter input includes the rDNS name of the client IP. I expect
your Squid is trying to fetch that information to send the re-writer.


> write(16,
> "http://i5.c.eset.com/v1/auth/851A4855CEEAB5292C10/updlist/0/eid/7033368/lid/7033484
> 2001:4118:804:f000::103/2001:4118:804:f000::"..., 179) = 179

If that information is not actually needed by your re-writer, then
configure the url_rewrite_extras directive to alter what gets sent.


Amos
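
The suggestion above as a squid.conf fragment. This is an added example, not part of the original message. It shows the documented default value of url_rewrite_extras next to a trimmed one. The trimmed line assumes the rewrite helper never uses the client hostname.

```conf
# Documented default when url_rewrite_extras is not set explicitly.
# %>a is the client IP, %>A is the client FQDN. Resolving %>A is what
# requires a PTR lookup for the connecting client.
#url_rewrite_extras "%>a/%>A %un %>rm myip=%la myport=%lp"

# Trimmed value: a literal "-" replaces %>A, so the helper still sees
# the same number of fields in the same positions (ip/fqdn user method
# myip= myport=) but Squid no longer needs the client's rDNS name
# to build the helper input line.
url_rewrite_extras "%>a/- %un %>rm myip=%la myport=%lp"
```

After `squid -k reconfigure`, the line written to the helper should carry `/-` after the client address instead of a second copy of the address, as seen in the write() trace quoted above.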

