Thanks for these answers. --- Christoph Haas <email@xxxxxxxxxxxxxxxxx> wrote: > > Set 'debug_options ALL,1 33,2' in your squid.conf > and run 'squid -k > reconfig'. The cache.log should then tell you why an > access is denied. > So, Googling for "debug_options ALL,1 33,2" I see this is an FAQ.. According to my debug-sections.txt, section 33 is "Client-side Routines" while section 28 is for Access Control. I need more info on the granularity possible with debug_options. I'm also thinking that, as we send a lot of denials for just a few ACLs, this could become another huge log. --- Joost de Heer <sanguis@xxxxxxxxx> wrote: > > Link a unique error document to the acl, using > deny_info. > I like to use these for some ACLs - it's made easy with Webmin. But for others we don't want to let the evildoers know why they've been denied. What would be neat would be a way to log certain errors to cache.log rather than send an error page. Ken > > I have seen this question asked before but I have > > been unable to find the answer. > > > > Using squid-2.5.STABLE9 as reverse proxy, I try to > > defend my server against assorted nasties using > > lots of 'src' and 'browser' acls. > > > > But in access.log, when a 403 is reported, there > > seems to be no way to detect which rule has been invoked > > to deny access. > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
