Thanks for these answers.
--- Christoph Haas <email@christoph-haas.de> wrote:
>
> Set 'debug_options ALL,1 33,2' in your squid.conf
> and run 'squid -k
> reconfig'. The cache.log should then tell you why an
> access is denied.
>
So, Googling for "debug_options ALL,1 33,2" I see this
is an FAQ..
According to my debug-sections.txt, section 33 is
"Client-side Routines" while section 28 is for Access
Control. I need more info on the granularity possible
with debug_options. I'm also thinking that, as we send
a lot of denials for just a few ACLs, this could
become another huge log.
--- Joost de Heer <sanguis@xs4all.nl> wrote:
>
> Link a unique error document to the acl, using
> deny_info.
>
I like to use these for some ACLs - it's made easy
with Webmin. But for others we don't want to let the
evildoers know why they've been denied.
What would be neat would be a way to log certain
errors to cache.log rather than send an error page.
Ken
> > I have seen this question asked before but I have
> > been unable to find the answer.
> >
> > Using squid-2.5.STABLE9 as reverse proxy, I try to
> > defend my server against assorted nasties using
> > lots of 'src' and 'browser' acls.
> >
> > But in access.log, when a 403 is reported, there
> > seems to be no way to detect which rule has been
invoked
> > to deny access.
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Received on Thu Aug 25 2005 - 05:18:22 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:02 MDT