On 09/22/2017 09:27 AM, Eric Lackey wrote: > This is all working well except for the fact that we don’t have a > good way to determine what is being blocked. All transactions, including blocked ones, must be logged to access.log. Squid had several bugs in this area. All known bugs (within this discussion scope) should be fixed in the latest v5. I am not sure about the latest v3, but I do see at least some of the fixes in v4. For example: https://github.com/squid-cache/squid/commit/da6dbcd110f7603f6d4cd9b3eef749311293fe77 Going forward: * If something is not logged in the latest v3, then please consider upgrading to v4. Filing a bug report in Bugzilla (see below) for v3 might motivate somebody to backport the fixes, but if the bug is fixed in v4, then upgrading may be an overall better option, especially if you use SslBump. * If something is not logged in the latest v4 or v5, then please consider filing a bug report in Bugzilla. Attaching an ALL,9 cache.log while reproducing the issue using a single transaction on an otherwise idle Squid will help developers triage your bug report. Thank you, Alex. P.S. You do not need the "step3" ACL in the configuration below. > acl allowed_https_sites ssl::server_name_regex "/etc/squid/allowed_sites" > > ssl_bump peek all > ssl_bump splice allowed_https_sites > ssl_bump terminate step3 all _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
