Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [HOWTO] Squid/Lightsquid Logs with MAC addresses - pfSense 2.3.2

    Scheduled Pinned Locked Moved Cache/Proxy
    5 Posts 5 Posters 3.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Shelter
      last edited by

      Hi everybody,

      last night (after about 4 pots of coffee) I figured out, how to log MAC addresses instead of IPs with Squid and Lightsquid.

      DISCLAIMER: Backup your config before playing around. This comes with absolutely no warranties.

      After installing and configuring Squid and Lightsquid follow these steps:

      • In the WebGUI, navigate to Services / Squid Proxy Server / General Tab and Scroll down to Logging Settings

      • Enable Access Logging –> Disabled

      • Scroll down to the bootom of the page and click on Show advanced Options

      • Paste the code below into the Custom ACLS (Before Auth)-Box

      • Save and restart Squid Service

      logfile_rotate 90
debug_options rotate=90
logformat iptomac %ts.%03tu %6tr %>eui %Ss/%03>Hs %<st %rm="" %ru="" %[="">a %Sh/%<a %mt<br="">access_log /var/squid/logs/access.log iptomac[/code]

I attached a screenshot (MACs shortened) so you get an idea of how it will look.

Now, I'll see if I can get rid of that **** stuck beacon issue.
Time for another pot of coffee...

Cheers!
![lightsquid.jpg](/public/_imported_attachments_/1/lightsquid.jpg)
![lightsquid.jpg_thumb](/public/_imported_attachments_/1/lightsquid.jpg_thumb)</a></st>
      1 Reply Last reply Reply Quote 0
      • N
        navalgandhi1989gmail.com
        last edited by

        Just Superb  ;D

        1 Reply Last reply Reply Quote 0
        • O
          olivedu56
          last edited by

          hi

          merci beaucoup ;) ;) ;) ;)

          1 Reply Last reply Reply Quote 0
          • G
            gatop
            last edited by

            The idea is right but the syntax is wrong. On 2.4.4-RELEASE-p2:

            • Proxy Server -> General settings -> "Enable Access Logging" disabled (this prevents the default syntax to be loaded)
            • Advanced features ("Show Advanced Options") -> Custom Options (Before Auth) ->
            logfile_rotate 30
debug_options rotate=30
logformat squid %{%d/%m/%Y_%H:%M:%S}tl %>eui %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
access_log /var/squid/logs/access_custom.log

            Save and reload Squid. You'll find the log in /var/squid/logs as defined in the general options page. Obviously You can customize the options according to your needs (timestamp, logrotate days, etc...)

            1 Reply Last reply Reply Quote 1
            • B
              bassc
              last edited by bassc

              Hello Friends...Yeah this method works. Squid is logging with mac address. But i'd like to see logs with mac on Light Squid. When i apply your method Light Squid does not show logs and also Light Squid wants me to enable "Enable Acces Logging" checkbox on Squid. If i download the log file to my computer and open with notepad i can see the logs with mac....But as i said i can not see on Light Squid....Is there any way to see the logs with mac on Light Squid?

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.