On 23/07/2013 3:54 p.m., Amm wrote:
My previous e-mail bounced back.
<squid-users@xxxxxxxxxxxxxxx>: Mail server for "squid-cache.org" unreachable for too long
So reposting, sorry if already it had reached the group.
----- Original Message -----
From: Amos Jeffries <squid3@xxxxxxxxxxxxx>
On 20/07/2013 2:04 p.m., Amm wrote:
Hello,
Squid already has option to log FULL query. i.e strip_query_terms off.
I would like to know is there any way to log FULL query only for particular
acl?
Not in the existing Squid.
It could be added fairly easily, but the utility of doing it is very
small. The major gain from stripping such terms is to protect stupid
security systems which do things like place credentials or users private
details in the query-string portion of URLs.
Yes that is why I am asking, I do not want to log everything, just search
queries made. So basically do not want to violate privacy of anyone.
If it is easy to add, can you provide some hints on which files or what
functions to change?
src/url.cc at the end of the function urlCanonicalClean() you can see
the comment highlighting it. You need to generate an ACLFilledChecklist
and run fastCheck() on it.
There is maybe an alternative in teh current Squid though...
There are several request-URI formatting codes for logging. The native
squid format uses "%ru" which is filtered by strip_query_terms for
logging. But the others %>ru and %<ru use the unfiltered URL path.
You could use two different access_log lines with slightly different
formats and ACLs selecting which one does the logging for any given request.
Amos
