On 06/23/2018 04:38 PM, senor wrote: > Hi all, > > I've noticed that a tunneled 443 request is not logged to access.log > until the client or server terminate which can be a long time. Yes, CONNECT tunnels are logged when the tunnel is over (i.e., Squid is done talking to the client and server). This log-at-the-end approach is similar to other transactions (which may also take a very long time). > Is it possible to get squid to log the CONNECT at tunnel initiation? It is possible to be notified about CONNECT requests via eCAP and ICAP interfaces as well as via external ACL helpers. It is not possible to log the CONNECT request/response before the tunnel is over. One could, in principle, separate CONNECT request/response messages from the established tunnel, and log each "phase" of the tunnel transaction separately, but I am not sure that is a good idea -- it is not clear to me why a CONNECT tunnel should be treated differently from any other HTTP transaction where the both client and server may send request and response body bytes concurrently (and for a long time). What problem are you trying to solve? Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
