Thanks Alex. I will try out the change with the config defaults in cd.data.pre in a test env for now and wait for the PR with the fix to be upstreamed.
Praveen
On Mon, Jan 24, 2022 at 8:38 PM Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
On 1/24/22 7:24 PM, Praveen Ponakanti wrote:
> Hi,
>
> I am running squid version 4.17 and have not been able to disable the
> reverse DNS lookups it does on each client's IP address. Found the
> thread below that discusses this; I have attempted adding the following
> config knobs, but it still does not disable the reverse lookups. I do
> not have any logformat containing ">A" or "<A".
>
> store_id_extras "%>a %un %>rm myip=%la myport=%lp"
> url_rewrite_extras "%>a %un %>rm myip=%la myport=%lp"
>
> http://lists.squid-cache.org/pipermail/squid-users/2016-February/009109.html
>
> The proposed solution seems to be to change the following lines and
> recompile. If this is still the recommended fix, can it be upstreamed in
> an upcoming release?
>
> https://github.com/squid-cache/squid/blob/master/src/cf.data.pre#L6042
> https://github.com/squid-cache/squid/blob/master/src/cf.data.pre#L6136
The above change of squid.conf defaults will probably work for you, but
it will also break some deployments affected by this bug because the
current code implicitly relies on those defaults triggering lookups.
Thus, it is probably not the right solution for upstreaming. The PR
mentioned below discusses specifics (see item #1 in the PR description).
The solution proposed for upstreaming is at
https://github.com/squid-cache/squid/pull/912
It does not require changing squid.conf defaults and has no (known to
me) other serious flaws.
HTH,
Alex.
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
