On 7/19/22 08:05, Dieter Bloms wrote:
Hello, I wrote a little external acl helper and want squid to put the destination fqdn _and_ the destination ip to it. I found the parameter %DST and this is filled with the destination fqdn. Is there also a parameter for the destination ip squid want's to connect to ?
To answer your exact question, no, there is not. Until Squid actually starts connecting to a cache_peer or origin server, it does not know the destination IP(s). Those addresses become known only in the process of finding the right destination(s), resolving their names, determining whether to use IPv4 or IPv6, and establishing (or reusing) a TCP connection to the chosen IP address. Until then, %<a is not available.
I am not sure what the first squid.conf directive (with slow ACLs support) "guaranteed" to have filled %<a is. There is probably one before http_reply_access, but the exact directive depends on your configuration/environment.
Most likely, we should add configuration directive(s) (with slow ACLs support) that are applied soon after the IP address becomes known. One of them could be used, for example, to reject chosen destination IP addresses before Squid starts using them.
HTH, Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
