Search squid archive

Re: strip_query_terms by acl?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




My previous e-mail bounced back.

<squid-users@xxxxxxxxxxxxxxx>: Mail server for "squid-cache.org" unreachable for too long

So reposting, sorry if already it had reached the group.

----- Original Message -----
> From: Amos Jeffries <squid3@xxxxxxxxxxxxx>

>> On 20/07/2013 2:04 p.m., Amm wrote:

>>  Hello,
>> 
>>  Squid already has option to log FULL query. i.e strip_query_terms off.
>> 
>>  I would like to know is there any way to log FULL query only for particular 
> acl?


> Not in the existing Squid.
> 
> It could be added fairly easily, but the utility of doing it is very 
> small. The major gain from stripping such terms is to protect stupid 
> security systems which do things like place credentials or users private 
> details in the query-string portion of URLs.


Yes that is why I am asking, I do not want to log everything, just search
queries made. So basically do not want to violate privacy of anyone.

If it is easy to add, can you provide some hints on which files or what
functions to change?


>>  I am asking this because, I do not want log file to get full by recording 
>> everything, just wanted queries recorded for few cases.
 
> If you are worried about query-string filling logs then you have bigger 
> problems. A simple flood of rejected requests could dump far more 
> content into your logs than query-strings on normal traffic do.

No I am not worried about someone trying to flood. But why
record unwanted things?

With acl based recording, only selected stuff can be recorded. It
will also save disk I/Os and disk space.

There will be hardly 100 search requests in average 100000 lines
of log.

So logging everything just for 100 search queries is excessive.

That is why I was looking for this feature.


> If this is an actual problem I suggest looking at making yourself a 
> daemon helper, you can do anything you like with the log lines in the 
> daemon. Our squid-3.3 daemon does some basic checks on file size and 
> rotates the logs if they get too big, in addition to the squid-requested 
> rotations.
>   Or one of the other network I/O logging modules can send logs to a 
> machine with more space available.

Writing helper etc for small thing is a big ask. But if simple acl based
filtering can be implemented it would be great and in my opinion best
place to do.


> Amos

Thanks for your replies.

Amm





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux