[squid-users] Reverse DNS Lookup for client IPs

Stefan Hölzle stefan at hoelzle.work
Thu Feb 4 15:27:48 UTC 2016


Thanks for the hint.

I switched client_db off. As expected, I don't get any report for
client_list in the cachemanager anymore.

However squid still does PTR lookups.

On 04.02.2016 16:09, Yuri Voinov wrote:
>
> #  TAG: client_db    on|off
> #    If you want to disable collecting per-client statistics,
> #    turn off client_db here.
> #Default:
> # client_db on
>
> Feel free to read squid.conf.documented before.
>
> 04.02.16 21:06, Stefan Hölzle пишет:
> > On 04.02.2016 14:22, Amos
>       Jeffries wrote:
>
>       >> On 5/02/2016 12:41 a.m., Stefan Hölzle wrote:
>
>       >>> Hello,
>
>       >>>
>
>       >>> I'm using a squid configured as proxy.
>
>       >>> According to the cache log, squid is doing a reverse
>       dns lookup for
>
>       >>> client ips:
>
>       >>>
>
>       >>> 78,3| dns_internal.cc(1794) idnsPTRLookup:
>       idnsPTRLookup: buf is 42
>
>       >>> bytes for SOME_SOURCE_IP
>
>       >>>
>
>       >>> I'm only using the following configuration parameters
>       that might be
>
>       >>> relevant for this issue.
>
>       >>> external_acl_type
>
>       >>> acl aclname src
>
>       >>> acl aclname dst
>
>       >>> acl aclname dstdom_regex
>
>       >>> acl aclname port
>
>       >>> acl aclname proxy_auth
>
>       >>> acl aclname external
>
>       >>> acl aclname url_regex
>
>       >>>
>
>       >>> Any ideas why squid is doing PTR lookups anyway ?
>
>       >> Because that list is incomplete.
>
>       >>
>
>       >> The format parameters for external_acl_type, any *_extras
>       rules for
>
>       >> helper formats, and logformat rules also may make use of
>       the client
>
>       >> hostname (if any).
>
>       >>
>
>       >> Also, anyone viewing the cachemanager clientdb report
>       will trigger some
>
>       >> as the report is generated.
>
>       >>
>
>       >> Amos
>
>       >>
>
>       >> _______________________________________________
>
>       >> squid-users mailing list
>
>       >> squid-users at lists.squid-cache.org
>
>       >> http://lists.squid-cache.org/listinfo/squid-users
>
>       > Thanks for the quick reply Amos.
>
>
>
>       > * Used formats for external_acl_type are: %LOGIN, %SRC
>
>       > * There are no *_extras rules defined (store_id_extras
>
>
>       <http://www.squid-cache.org/Doc/config/store_id_extras/>,
>
>       > url_rewrite_extras
>
>
>       <http://www.squid-cache.org/Doc/config/url_rewrite_extras/>)
>
>       > * logformat defaults are used (there should be nothing in
>       there
>
>       > responsible for a ptr lookup)
>
>
>
>       > I guess its the cachemanager then.
>
>       > There are actually PTR results listed in the client_list of
>       the
>
>       > cachemanager.
>
>
>
>       > I tried blocking access to the cachemanager by adding the
>       folling rule:
>
>       > http_access deny manager
>
>
>
>       > However, squid still does PTR lookups.
>
>       > How can I prevent the clientdb reports to be generated ?
>
>
>
>
>
>
>
>       > _______________________________________________
>
>       > squid-users mailing list
>
>       > squid-users at lists.squid-cache.org
>
>       > http://lists.squid-cache.org/listinfo/squid-users
>
> > > > _______________________________________________ > squid-users
mailing list > squid-users at lists.squid-cache.org >
http://lists.squid-cache.org/listinfo/squid-users


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160204/cfd2e175/attachment.html>


More information about the squid-users mailing list