[squid-users] Tagged ACLs?
Dijxie
dijxie at gmail.com
Sat May 20 19:37:53 UTC 2017
W dniu 20.05.2017 o 18:07, Ralf Hildebrandt pisze:
> Currently we're using a few blacklists (from abuse.ch) as ACLs on our
> squid installation.
>
> This is working well, but we want to create statistics on how many
> clients were "caught" trying to access blocked sites.
>
> Currently, we're grepping the log for TCP_DENIED in conjunction with the
> patterns from the ACLs. This is working somewhat OK, but if access was
> blocked using a pettern that was in use when the client tried to
> access and was subsequently removed (prior to the time of the log
> analysis process), it won't be found...
>
> Is there any way around this? Like "tagging" rejects or logging the
> ACL that caused the rejection? (Using squid-5 HEAD here)
>
Hi,
Try that:
http://www.squid-cache.org/Doc/config/logformat/
"Access Control related format codes" => "et" can be the thing you are
looking for.
--
Pozdrawiam, Remik
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170520/15c139a3/attachment.html>
More information about the squid-users
mailing list