Chris Robertson wrote:
Jon Gregory wrote:
Hi Chris,
Thank you for the response.
Yes, the third column of the log shows the host IP of the machine
requesting pages.
Hmmm... Are the ACLs defined in the config file above the access_log
directives? Do you see anything interesting in cache_log when you start
Squid? Does your logging Squid act as a parent for another server?
With the information provided, I would expect it to work in the same
manner you do. I find it VERY interesting that you can separate the
logging on authentication details, but not source IP.
Only interesting if the clients are connecting directly to Squid.
There is a growing inclination for admin to use network design choices
that remove their hopes of tracking information.
* Interception done on a remote box with DNAT to "route" traffic at Squid.
* Mti-level NAT on any inbound hop at all for that matter.
* Multi-stage proxies such as squidguard before it enters Squid.
* Multi-layers of Squid with Forwarded-For and via turned off.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE16
Current Beta Squid 3.1.0.8
