Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid3 "access_log acl" not working.

    Scheduled Pinned Locked Moved
    Cache/Proxy
    1
    3
    1.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • cyber7C
      cyber7
      last edited by

      Hi Guys
      2.2.2 with Squid3
      I am trying to exclude an IP out of the access_log (/var/squid/log/access.log) on my system and using:

      acl log-test src <ip>access_log none log-test</ip>

      I still get the IP logged into my access log…

      In 2.1 it worked no problem, but it was different:

      acl log-test src <ip>log_access deny log-test</ip>

      Any ideas?
      kind regards
      cyber7 (aka Aubrey Kloppers; Cape Town South Africa)

      When you pause to think, do you start again?

      2.2.4-RELEASE (amd64)
      built on Sat Jul 25 19:57:37 CDT 2015
      FreeBSD 10.1-RELEASE-p15
      and
      pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

      1 Reply Last reply Reply Quote 0
      • cyber7C
        cyber7
        last edited by

        ps - even tried:

        access_log /var/squid/log/access.log !log-test

        also not working…

        When you pause to think, do you start again?

        2.2.4-RELEASE (amd64)
        built on Sat Jul 25 19:57:37 CDT 2015
        FreeBSD 10.1-RELEASE-p15
        and
        pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

        1 Reply Last reply Reply Quote 0
        • cyber7C
          cyber7
          last edited by

          Hi Guys
          I think I found a bug:
          When the option "Enable logging" is ON and you specify exclusions of IP's through ACL's, these ACL's do not get honoured, BUT If you switch "Enable logging" OFF and you specify your logfile in your ACL, it gets excluded.

          Actually, If you leave "Enable logging" is ON and specify your logfile in your ACL, the entry gets duplicated except for the excluded IP…

          Example ACL:

          acl IP-LIST src "/root/ip-list.txt"
access_log /var/squid/log/access.log !IP-LIST

          • If the "Enable logging" OFF - You get one logfile entry in your logfile and the excluded IP's are excluded.

          • If the "Enable logging" ON - You get two logfile entries and the excluded IP's gets logged once.

          So, it seems there needs to be some kind of "PRE PROCESSING" needed to exclude IP's from your logfile…

          Please could someone confirm?
          kind regards
          cyber7 - AKA Aubrey Kloppers; Cape Town; South Africa

          When you pause to think, do you start again?

          2.2.4-RELEASE (amd64)
          built on Sat Jul 25 19:57:37 CDT 2015
          FreeBSD 10.1-RELEASE-p15
          and
          pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

          1 Reply Last reply Reply Quote 0
          • First post
            Last post