On 12/04/2016 5:52 p.m., Dan Charlesworth wrote: > We have an External ACL Type with %ssl::>sni and %URI > > We get access log lines that record the %ssl::>sni just fine, but the corresponding line sent to our external ACL is missing it. > > For example, from the same request; > > Log: 12/Apr/2016-15:42:47 608 10.0.1.60 TAG_NONE 200 0 CONNECT 23.111.9.31:443 code.jquery.com - peek - ORIGINAL_DST/23.111.9.31 - - > > Line sent to Ext. ACL: 23.111.9.31:443 - > > — > > Not sure if many people on this list use external ACLs as much, but anyone encountered this? >From the silence it would seem not. But most likely its not a very commonly used config setting yet. It could be you are using the ACL just prior to the SNI being peeked at. The ACL is pulling its value straight from the TCP connection state so not even any temporary location involved that could be out of sync. I dont recall there having been any significant changes to the external ACL code since it went in. There may have been some changes that affected it on the SSL-Bump side, but unlikely. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
