On Jun 22, 2009, at 8:10 PM, Amos Jeffries wrote:
On Mon, 22 Jun 2009 11:57:27 -0500, Jeffrey Goldberg <jeffrey@xxxxxxxxxxxx
>
wrote:
With multiple access_log directives with acls, does matching stop at
the first hit or will a single request log to all matching access_log
directives?
No, all lines are considered for each logging event. _any_ which
match get
the entry recorded.
Thank you. That answers my question. It's been nearly 10 years since
I've worked with Squid, and along with new things, I've got a lot to
re-learn.
To split them fully you may want:
access_log /usr/local/squid/logs/access.log squidanon PERSIA
access_log /usr/local/squid/logs/access.log squid !PERSIA
OK. That is what I actually had used, since it would do what I wanted
under either interpretation. Now that I know which interpretation is
correct, I've got even better reason for this.
Thank you.
The rest of this message of probably Off-topic, but I will inform
y'all that there may be a lot of new users for squid who have little
concept in what it can do. (Considering how many different kinds of
tasks Squid is well suited for -- from web server acceleration to net-
nanny -- I guess that really isn't a big surprise.)
Background:
As this list probably knows, there is an effort to set up HTTP proxy
to help people from Iran evade national filters.
You are the first to mention it specifically here. It's nothing
special.
Many people do this all the time to fight back against various
countries
and various organizations policies.
The blog that is coordinating the effort is here.
http://blog.austinheap.com/
The people coordinating the effort have the contacts in Iran for
distributing IP addresses and ports, but were not themselves well
versed in squid configuration. The quality of the information has
improved over the past few days. I've been chiming in
http://jpgoldberg.blogspot.com/
mostly filling in some background for squid set up. The difficulty is
that we have ordinary home users setting up squid, and even if they do
get it installed properly and configured correctly, there appear to be
many who don't punch the right sorts of holes in their off-the-self
routers/firewalls.
Cheers,
-j
--
Jeffrey Goldberg http://www.goldmark.org/jeff/