On 05/12/2016 04:04 PM, David Touzeau wrote: > > acl CODE_TCP_DENIED http_status 407 > access_log none CODE_TCP_DENIED > > > > But squid claim : > > 2016/05/12 23:44:07 kid1| WARNING: CODE_TCP_DENIED ACL is used in > context without an HTTP response. Assuming mismatch. > > > Why this rule is wrong ? Squid attempts to log every access(*). Sometimes, Squid is accessed, but there is no response to log(**). Your rule assumes that there is always a response. Squid warns that your assumption is wrong for the specific access it is logging. If there is no ACL that can be used to test the presence of a response (and a request) in a master transaction [without triggering such warnings], then we should add it. Also, some Squids have bugs where there _is_ a response but Squid logging code does not know about it. If you are running a relatively recent Squid v4 release, you might be hitting one of those bugs (although I would expect more/different error messages in that case). Endnotes: (*) Squid fails to log certain accesses. We are fixing one of those bugs right now. (**) Imagine, for example, a client that starts sending an HTTP request but closes the connection to Squid before finishing. Depending on what state Squid was in when the connection got closed, there may be no response created for that unfinished request. HTH, Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users