Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Squid3 "access_log acl" not working.

    Cache/Proxy
    1
    3
    1339
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • cyber7
      cyber7 last edited by

      Hi Guys
      2.2.2 with Squid3
      I am trying to exclude an IP out of the access_log (/var/squid/log/access.log) on my system and using:

      acl log-test src <ip>access_log none log-test</ip>

      I still get the IP logged into my access log…

      In 2.1 it worked no problem, but it was different:

      acl log-test src <ip>log_access deny log-test</ip>

      Any ideas?
      kind regards
      cyber7 (aka Aubrey Kloppers; Cape Town South Africa)

      1 Reply Last reply Reply Quote 0
      • cyber7
        cyber7 last edited by

        ps - even tried:

        access_log /var/squid/log/access.log !log-test

        also not working…

        1 Reply Last reply Reply Quote 0
        • cyber7
          cyber7 last edited by

          Hi Guys
          I think I found a bug:
          When the option "Enable logging" is ON and you specify exclusions of IP's through ACL's, these ACL's do not get honoured, BUT If you switch "Enable logging" OFF and you specify your logfile in your ACL, it gets excluded.

          Actually, If you leave "Enable logging" is ON and specify your logfile in your ACL, the entry gets duplicated except for the excluded IP…

          Example ACL:

          acl IP-LIST src "/root/ip-list.txt"
          access_log /var/squid/log/access.log !IP-LIST
          
          • If the "Enable logging" OFF - You get one logfile entry in your logfile and the excluded IP's are excluded.

          • If the "Enable logging" ON - You get two logfile entries and the excluded IP's gets logged once.

          So, it seems there needs to be some kind of "PRE PROCESSING" needed to exclude IP's from your logfile…

          Please could someone confirm?
          kind regards
          cyber7 - AKA Aubrey Kloppers; Cape Town; South Africa

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy