Search squid archive

RE: Ignore requests from certain hosts in access_log

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Amos,

Same results.  Nothing coming from the load balancers is being logged (even requests using X-Forwarded-For).  Here is my configuration:

acl loadbalancers src x.x.x.y/255.255.255.255
acl loadbalancers src x.x.x.z/255.255.255.255

follow_x_forwarded_for allow loadbalancers
log_uses_indirect_client on
acl_uses_indirect_client on

# Define Logging (do not log loadbalancer health checks)
access_log /var/log/squid/access.log squid
log_access deny !loadbalancers

Without the "log_access" directive enabled, all requests are logged using their X-Forwarded-For source address:

1268749629.423    354 172.26.100.23 TCP_MISS/200 1475 GET http://webmail.blah.net/? - DIRECT/72.29.72.189 text/plain

These are the types of requests that I am trying to prevent from being logged:

1268749630.481      0 x.x.x.y TCP_DENIED/400 2570 GET error:invalid-request - NONE/- text/html

(where x.x.x.y is the load balancer, and the request is a "health check" of the web proxy service)

Thanks,

Josh

-----Original Message-----
From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] 
Sent: Monday, March 15, 2010 6:52 PM
To: squid-users@xxxxxxxxxxxxxxx
Subject: Re:  Ignore requests from certain hosts in access_log

On Mon, 15 Mar 2010 12:15:49 -0500, "Baird, Josh" <jbaird@xxxxxxxxxxx>
wrote:
> Ok, that sort of worked.  I have a pair of load balancers sitting in
> front of my Squid proxy farm. The load balancers insert the
> X-Forwarded-For header into each HTTP request which allows Squid to log
> their connections using their real client source IP (extracted from
> X-Forwarded-For).  In reality, the connections to the squid servers are
> being made directly from the load balancers.
> 
> When I use log_access to deny logging to the load balancer's IP
> addresses, -nothing- gets logged to access_log.  I am attempting to not
> log the "health HTTP checks" from 10.26.100.130/10.26.100.131 but still
> log the other traffic.  It doesn't seem that log_access is
> X-Forwarded-For aware?  Any ideas?
> 
> acl loadbalancers src 10.26.100.130/255.255.255.255
> acl loadbalancers src 10.26.100.131/255.255.255.255
> log_access deny !loadbalancers

Ah, you will require these as well:
 # to trust what the load balancers report for XFF
 follow_x_forwarded_for allow loadbalancers

 # to use the XFF details in the logs
 log_uses_indirect_client on

 # to use the XFF details in ACL tests
 # telling loadbalancer generated requests from relayed
 acl_uses_indirect_client on


Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux