[squid-users] access_log acls

Alex Rousskov rousskov at measurement-factory.com
Tue Nov 27 15:58:49 UTC 2018


On 11/27/18 5:21 AM, Marcus Kool wrote:

> logformat combha %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st %Ss:%Sh %>ha
> acl src_lb src 10.2.2.254/32
> acl src_lb src 10.2.2.107/32
> access_log stdio:/local/squid4/logs/lbaccess.log combha src_lb
> access_log stdio:/local/squid4/logs/access.log   combha !src_lb

> The logging is almost as expected: all HTTP(S) traffic from 10.2.2.107
> goes to lbaccess.log and all other traffic to access.log,
> *but* imitating the TCP probe of the LB with a telnet session from
> 10.2.2.107 to the squid server which is immediately terminated or sends
> garbage, is logged with transaction-end-before-headers to access.log,
> not lbaccess.log.

> Should the above acls send the errors to lbaccess.log?

Yes, src ACLs should work for all transactions associated with to-Squid
connections, including transaction-end-before-headers errors. If they do
not work, it is a Squid bug.

Alex.


More information about the squid-users mailing list