Search squid archive

Re: add DENIED tag by redirector for easy identification in logfile

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 1/11/2012 12:07 a.m., Amm wrote:
Hi

I wanted to know if url_rewrite_program can add a TAG for logging.

Not for tags output by the helper program itself. I am currently working on a project to clean up and combining the Squid helper interfaces such that for example; url_rewrite_program and external_acl_type helpers can return the same set of key=value details and have them do/mean the same things. If you are interested in sponsoring any code development towards that please contact me off-list about payment details.


I have a redirector which blocks certain sites. But in squid logs
there is no way to indicate if redirector blocked it.

NOTE: redirectors do not "block" anything. They redirect. Possibly to a location which does not exist, or a page containing the word "blocked".

As per this, there is already a tag called DENIED when request is
rejected by acl.
http://wiki.squid-cache.org/SquidFaq/SquidLogs#access.log

I would like that redirector should also have ability to add a tag,
say same one, DENIED.

Um, REDIRECT tag is documented 6 lines above DENIED. Please upgrade to Squid-3.2 where this logging is available by default already. Or re-build your Squid with the -DLOG_TCP_REDIRECTS compiler flag.

In all Squid whether they use that tag or not Squid will log a 301, 302, 303, or 307 status code along with "NONE/-" as the server contacted if url_rewrite_program redirected the request. If there is anything else in the upstream server field it means the 3xx status logged was generated by that server, not by Squid.

If you are confusing re-write operation with "redirect". Then of course nothing is logged, because all Squid did was alter the *text* of the URL before fetching it. No redirect was done.

So that its easy to identify the blocked requests (either by acl
or by redirector)

access controls (ACLs):
 * deny permission to access a requested resource
 * block the request from accessing the resource

redirectors:
 * redirect to an alternative resource.
 * do not block the response

Similar feature already exists for external_acl_type:
http://www.squid-cache.org/Doc/config/external_acl_type/


which says: tag =Apply a tag to a request (for both ERR and OK results)

So can redirector do the same?

Not yet. see above about sponsorship to get early access to that ability and a faster time on the implementation.

Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux