Re: Reverse DNS Lookup for client IPs

[Stefan Hölzle <stefan@xxxxxxxxxxxx>]

Thanks for the hint.

I switched client_db off. As expected, I don't get any report for client_list in the cachemanager anymore.

However squid still does PTR lookups.

On 04.02.2016 16:09, Yuri Voinov wrote:
>

#  TAG: client_db    on|off
#    If you want to disable collecting per-client statistics,
#    turn off client_db here.
#Default:
# client_db on

Feel free to read squid.conf.documented before.

04.02.16 21:06, Stefan Hölzle пишет:
> On 04.02.2016 14:22, Amos
      Jeffries wrote:

      >> On 5/02/2016 12:41 a.m., Stefan Hölzle wrote:

      >>> Hello,

      >>>

      >>> I'm using a squid configured as proxy.

      >>> According to the cache log, squid is doing a reverse
      dns lookup for

      >>> client ips:

      >>>

      >>> 78,3| dns_internal.cc(1794) idnsPTRLookup:
      idnsPTRLookup: buf is 42

      >>> bytes for SOME_SOURCE_IP

      >>>

      >>> I'm only using the following configuration parameters
      that might be

      >>> relevant for this issue.

      >>> external_acl_type

      >>> acl aclname src

      >>> acl aclname dst

      >>> acl aclname dstdom_regex

      >>> acl aclname port

      >>> acl aclname proxy_auth

      >>> acl aclname external

      >>> acl aclname url_regex

      >>>

      >>> Any ideas why squid is doing PTR lookups anyway ?

      >> Because that list is incomplete.

      >>

      >> The format parameters for external_acl_type, any *_extras
      rules for

      >> helper formats, and logformat rules also may make use of
      the client

      >> hostname (if any).

      >>

      >> Also, anyone viewing the cachemanager clientdb report
      will trigger some

      >> as the report is generated.

      >>

      >> Amos

      >>

      >> _______________________________________________

      >> squid-users mailing list

      >> squid-users@xxxxxxxxxxxxxxxxxxxxx

      >> http://lists.squid-cache.org/listinfo/squid-users

      > Thanks for the quick reply Amos.



      > * Used formats for external_acl_type are: %LOGIN, %SRC

      > * There are no *_extras rules defined (store_id_extras


      <http://www.squid-cache.org/Doc/config/store_id_extras/>,

      > url_rewrite_extras


      <http://www.squid-cache.org/Doc/config/url_rewrite_extras/>)

      > * logformat defaults are used (there should be nothing in
      there

      > responsible for a ptr lookup)



      > I guess its the cachemanager then.

      > There are actually PTR results listed in the client_list of
      the

      > cachemanager.



      > I tried blocking access to the cachemanager by adding the
      folling rule:

      > http_access deny manager



      > However, squid still does PTR lookups.

      > How can I prevent the clientdb reports to be generated ?







      > _______________________________________________

      > squid-users mailing list

      > squid-users@xxxxxxxxxxxxxxxxxxxxx

      > http://lists.squid-cache.org/listinfo/squid-users

> > > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users