Chris Robertson wrote:
> Jon Gregory wrote:
>> Hi Chris,
>>
>> Thank you for the response.
>>
>> Yes, the third column of the log shows the host IP of the machine
>> requesting pages.
>>
>
> Hmmm... Are the ACLs defined in the config file above the access_log
> directives? Do you see anything interesting in cache_log when you start
> Squid? Does your logging Squid act as a parent for another server?
>
> With the information provided, I would expect it to work in the same
> manner you do. I find it VERY interesting that you can separate the
> logging on authentication details, but not source IP.
Only interesting if the clients are connecting directly to Squid.
There is a growing inclination for admin to use network design choices
that remove their hopes of tracking information.
* Interception done on a remote box with DNAT to "route" traffic at Squid.
* Mti-level NAT on any inbound hop at all for that matter.
* Multi-stage proxies such as squidguard before it enters Squid.
* Multi-layers of Squid with Forwarded-For and via turned off.
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE16 Current Beta Squid 3.1.0.8Received on Sat Jun 20 2009 - 04:46:47 MDT
This archive was generated by hypermail 2.2.0 : Sat Jun 20 2009 - 12:00:03 MDT