----- Original Message -----
> From: Amos Jeffries <squid3@xxxxxxxxxxxxx>
> To: squid-users@xxxxxxxxxxxxxxx
> Cc:
> Sent: Friday, 8 March 2013 2:47 AM
> Subject: Re: Bypassing SSL Bump for dstdomain
>
> On 7/03/2013 10:54 p.m., Amm wrote:
>> ----- Original Message -----
>> [%h{Host}] was giving error, so i changed it to [%{Host}>h]
>>
>> Here is output:
>> ABCD.net.in/1.2.3.4:33307 -> 173.194.36.16:443 (-:8081) :::0 ->
> www.google.com/2404:6800:4009:802::1011:443 [www.google.com]
>>
>> Notice :::0 - somewhere it thinks its IPv6??
>>
>> If domain has just IPv4 address and no IPv6 address:
>>
>> ABCD.net.in/1.2.3.4:58347 -> 174.122.92.66:443 (-:8081) 0.0.0.0:0 ->
> www.bigrock.com/174.122.92.65:443 [www.bigrock.com]
>>
>>
>> If i use dns_v4_first, it logs IPv4 address.
>>
>> ABCD.mtnl.net.in/1.2.3.4:33559
>> -> 74.125.236.147:443 (-:8081) 0.0.0.0:0 ->
>> www.google.com/74.125.236.146:443 [www.google.com]
>>
>> Notice the change in IP address though. But may be that is expected as
> squid does its own DNS lookup and picks other IP.
> Okay that zero IP:port on the outbound confirmed my suspicion about what
> the code was doing. When using a pinned connection it is not setting the
> real connection details into the log.
>> Applying and trying patch will take about a day. Will let you know once I
>> do.
> Thanks.
> The above log entry implies it should be the fix, but I will still need
> confirmation of that.
>
> Amos
I just applied the patch and it now logs IPv4 address correctly.
But earlier it was showing word PINNED now it shows HIER_DIRECT. I am not sure if it is right or wrong.
1362709553.045 172 1.2.3.4 TCP_MISS/302 1138 GET https://www.google.com/ - HIER_DIRECT/74.125.236.146 text/html
test.log file just incase you want to have a look.
ABCD.net.in/1.2.3.4:33007 -> 74.125.236.145:443 (-:8081) 1.2.3.4:33008 -> www.google.com/74.125.236.145:443 [www.google.com]
Thanks for the patch.
Regards
Amm.
