On Mon, 15 Mar 2010 12:15:49 -0500, "Baird, Josh" <jbaird@xxxxxxxxxxx> wrote: > Ok, that sort of worked. I have a pair of load balancers sitting in > front of my Squid proxy farm. The load balancers insert the > X-Forwarded-For header into each HTTP request which allows Squid to log > their connections using their real client source IP (extracted from > X-Forwarded-For). In reality, the connections to the squid servers are > being made directly from the load balancers. > > When I use log_access to deny logging to the load balancer's IP > addresses, -nothing- gets logged to access_log. I am attempting to not > log the "health HTTP checks" from 10.26.100.130/10.26.100.131 but still > log the other traffic. It doesn't seem that log_access is > X-Forwarded-For aware? Any ideas? > > acl loadbalancers src 10.26.100.130/255.255.255.255 > acl loadbalancers src 10.26.100.131/255.255.255.255 > log_access deny !loadbalancers Ah, you will require these as well: # to trust what the load balancers report for XFF follow_x_forwarded_for allow loadbalancers # to use the XFF details in the logs log_uses_indirect_client on # to use the XFF details in ACL tests # telling loadbalancer generated requests from relayed acl_uses_indirect_client on Amos
