On 26/04/2016 3:51 a.m., Stephen Borrill wrote: > Is there a way to log which ACL caused a block with http_access? This > information is present for deny_info to use, but I cannot see a entry I > can add to logformat to present such a thing in a custom log format (if > using an external acl helper, you can spoof something up with the et and > ea formats). > There is no single ACL which does so. Even if you configure only one ACL name per access control line in all access controls of squid.conf it is sequences of ACLs both matching and non-matching (across multiple access control types) which lead to a particular denial *line* happening. The deny_info is not logging any single one ACL that did blocking. It is logging the ACL name to which the deny_info action is attached. Same for the external_acl_type %ACL parameter displaying the ACL it has been called on. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
