[squid-users] attempting to disable (or mute) logs
Amos Jeffries
squid3 at treenet.co.nz
Thu Mar 21 09:53:06 UTC 2019
On 21/03/19 8:15 pm, reinerotto wrote:
> In short words, there is _no_ safe method to disable cache.log
>
> Reason to disable cache.log most of all is because of this kind of messages:
>
> 2019/03/20 22:41:43 kid1| SECURITY ALERT: Host header forgery detected on
> local=31.13.93.35:443 remote=10.1.0.202:51283 FD 194 flags=33 (local IP does
> not match any domain IP)
> 2019/03/20 22:41:43 kid1| SECURITY ALERT: on URL: www.facebook.com:443
>
> Which is a rather old issue, I have found no fix for until now.
Those are showing up because of your "-d 1" command line option. Remove
that option or set it to 0 instead of 1.
> A logrotate every 8h keeps the logsize at about 0.5MB, but even that is
> precious RAM on an embedded system.
> Unfortunately, AFAIK, there is no filter just to drop these messages.
>
The filter on cache.log is debug level and/or section:
0 - critical
1 - important
2 - protocol messages
3-8 - various debug info
9 - data dumps
The default level is 0.
Amos
More information about the squid-users
mailing list