<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
-----BEGIN PGP SIGNED MESSAGE----- <br>
Hash: SHA256 <br>
<br>
# TAG: client_db on|off<br>
# If you want to disable collecting per-client statistics,<br>
# turn off client_db here.<br>
#Default:<br>
# client_db on<br>
<br>
Feel free to read squid.conf.documented before.<br>
<br>
04.02.16 21:06, Stefan Hölzle пишет:<br>
<span style="white-space: pre;">> On 04.02.2016 14:22, Amos
Jeffries wrote:<br>
>> On 5/02/2016 12:41 a.m., Stefan Hölzle wrote:<br>
>>> Hello,<br>
>>><br>
>>> I'm using a squid configured as proxy.<br>
>>> According to the cache log, squid is doing a reverse
dns lookup for<br>
>>> client ips:<br>
>>><br>
>>> 78,3| dns_internal.cc(1794) idnsPTRLookup:
idnsPTRLookup: buf is 42<br>
>>> bytes for SOME_SOURCE_IP<br>
>>><br>
>>> I'm only using the following configuration parameters
that might be<br>
>>> relevant for this issue.<br>
>>> external_acl_type<br>
>>> acl aclname src<br>
>>> acl aclname dst<br>
>>> acl aclname dstdom_regex<br>
>>> acl aclname port<br>
>>> acl aclname proxy_auth<br>
>>> acl aclname external<br>
>>> acl aclname url_regex<br>
>>><br>
>>> Any ideas why squid is doing PTR lookups anyway ?<br>
>> Because that list is incomplete.<br>
>><br>
>> The format parameters for external_acl_type, any *_extras
rules for<br>
>> helper formats, and logformat rules also may make use of
the client<br>
>> hostname (if any).<br>
>><br>
>> Also, anyone viewing the cachemanager clientdb report
will trigger some<br>
>> as the report is generated.<br>
>><br>
>> Amos<br>
>><br>
>> _______________________________________________<br>
>> squid-users mailing list<br>
>> <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
>> <a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a><br>
> Thanks for the quick reply Amos.<br>
><br>
> * Used formats for external_acl_type are: %LOGIN, %SRC<br>
> * There are no *_extras rules defined (store_id_extras<br>
>
<a class="moz-txt-link-rfc2396E" href="http://www.squid-cache.org/Doc/config/store_id_extras/"><http://www.squid-cache.org/Doc/config/store_id_extras/></a>,<br>
> url_rewrite_extras<br>
>
<a class="moz-txt-link-rfc2396E" href="http://www.squid-cache.org/Doc/config/url_rewrite_extras/"><http://www.squid-cache.org/Doc/config/url_rewrite_extras/></a>)<br>
> * logformat defaults are used (there should be nothing in
there<br>
> responsible for a ptr lookup)<br>
><br>
> I guess its the cachemanager then.<br>
> There are actually PTR results listed in the client_list of
the<br>
> cachemanager.<br>
><br>
> I tried blocking access to the cachemanager by adding the
folling rule:<br>
> http_access deny manager<br>
><br>
> However, squid still does PTR lookups.<br>
> How can I prevent the clientdb reports to be generated ?<br>
><br>
><br>
><br>
> _______________________________________________<br>
> squid-users mailing list<br>
> <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
> <a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a></span><br>
<br>
-----BEGIN PGP SIGNATURE-----
<br>
Version: GnuPG v2
<br>
<br>
iQEcBAEBCAAGBQJWs2mUAAoJENNXIZxhPexGDSoH/i0/IoFP9v/evo5D8U040CbQ
<br>
MReG2VxDdgvm/2ev0uOywOCKyDC2zJR+k45quocwImWBlFx7hevg0u2DJ1DpEoy6
<br>
5j0jbAQn/qhFLA7Rtz9HADPXtejmJBJdC4SYH4iK6f/2cVFKxOqLrvXo8yLFikWW
<br>
SCwWYBptauDH6ZFu9poXVR2tK7X8yMZDmhEhF2eNo70bHefn2fvrtBXv66NrYxpp
<br>
vQtduE9U7MXjq9Os/c7LOtatJX+lU6ZOJvRWNBFiNRkXJzr79u/poRwvSUJ4gS+t
<br>
iZaqslMdQ2PpDjkEIesZ9A3uhw1aJYZAzsBH6NAymd8BUGQPLufBbKGCkDddzGg=
<br>
=kg35
<br>
-----END PGP SIGNATURE-----
<br>
<br>
</body>
</html>