[squid-users] Using access_log directive to filter based on src IP or regex
Henning Schroeder
schroedh at gmail.com
Mon May 13 11:54:12 UTC 2019
Hi there,
I'm hosting two squid servers (Version 4.6) on CentOS in Azure, which are
placed behing an Azure load balancer.
The LB has a health probe which constantly polls the squid servers on port
3128.
In the access.log, I can find a whole lot of entries like:
1557738944.935 0 168.63.129.16 NONE/000 0 NONE
error:transaction-end-before-headers - HIER_NONE/- -
Basically, the log gets flooded with this every few seconds. The source IP
168.63.129.16 is a platform IP of the Azure software-defined network, in
this case it is the source of the LB health probe.
I tried to filter these log entries by using the access_log directive. E.g.:
Option 1)
acl azurelb src 168.63.129.16/32
access_log none azurelb
access_log daemon:/var/log/squid/access.log squid
Option 2) (read about a bug in an older 3.x version, which can be worked
around by using this)
acl azurelb src 168.63.129.16/32
access_log daemon:/var/log/squid/access.log squid !azurelb
Option 3)
acl azurelbprobe url_regex ^error:transaction-end-before-headers
access_log none azurelbprobe
access_log daemon:/var/log/squid/access.log squid
None of this worked. I still get the same entries in access.log.
Any suggestion or hint will be appreciated.
Thanks & regards
Henning
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20190513/b60729a6/attachment.html>
More information about the squid-users
mailing list