[squid-users] Reverse DNS lookups from squid logging port
Alex Rousskov
rousskov at measurement-factory.com
Tue Jan 25 04:38:05 UTC 2022
On 1/24/22 7:24 PM, Praveen Ponakanti wrote:
> Hi,
>
> I am running squid version 4.17 and have not been able to disable the
> reverse DNS lookups it does on each client's IP address. Found the
> thread below that discusses this; I have attempted adding the following
> config knobs, but it still does not disable the reverse lookups. I do
> not have any logformat containing ">A" or "<A".
>
> store_id_extras "%>a %un %>rm myip=%la myport=%lp"
> url_rewrite_extras "%>a %un %>rm myip=%la myport=%lp"
>
> http://lists.squid-cache.org/pipermail/squid-users/2016-February/009109.html
>
> The proposed solution seems to be to change the following lines and
> recompile. If this is still the recommended fix, can it be upstreamed in
> an upcoming release?
>
> https://github.com/squid-cache/squid/blob/master/src/cf.data.pre#L6042
> https://github.com/squid-cache/squid/blob/master/src/cf.data.pre#L6136
The above change of squid.conf defaults will probably work for you, but
it will also break some deployments affected by this bug because the
current code implicitly relies on those defaults triggering lookups.
Thus, it is probably not the right solution for upstreaming. The PR
mentioned below discusses specifics (see item #1 in the PR description).
The solution proposed for upstreaming is at
https://github.com/squid-cache/squid/pull/912
It does not require changing squid.conf defaults and has no (known to
me) other serious flaws.
HTH,
Alex.
More information about the squid-users
mailing list