[squid-users] unique access.log for specific ACLs

Alex Rousskov rousskov at measurement-factory.com
Mon Apr 9 16:18:24 UTC 2018


On 04/09/2018 08:10 AM, Joey Officer wrote:
> Apologies if this has been covered before, but I could not find an
> archived discussion on the same topic.  Is it possible to assign a
> unique log file output to a specific ACL?

Yes, it is. See your own example below for a sketch.

> acl isf_blacklist dstdom_regex "/etc/squid/block.txt"
> access_log daemon:/var/log/squid/blocked.log isf_blacklist
> http_access deny isf_blacklist
> deny_info TCP_RESET isf_blacklist


However, please note that ACLs are evaluated in a particular directive
context so their evaluation results may change even within one HTTP
transaction scope. For example, a given ACL that did not match in
http_access rules may match when access_log rules are evaluated. There
was a more detailed discussion about that a few days ago:

http://lists.squid-cache.org/pipermail/squid-users/2018-April/018017.html


HTH,

Alex.


More information about the squid-users mailing list