Re: [squid-users] log_referrer question
On 22/05/24 07:51, Alex Rousskov wrote:
On 2024-05-21 13:50, Bobby Matznick wrote:
I have been trying to use a combined log format for squid. The below
line in the squid config is my current attempt.
logformat combined %>a %[ui %[un [%tl "%rm %ru HTTP/%rv" %>Hs %"%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
Please do not redefine built-in logformat configurations like "squid"
and "combined". Name and define your own instead.
For built-in formats do not use logformat directive at all. Just
configure the log output:
access_log daemon:/var/log/squid/access.log combined
As Alex said, please do not try to re-define the built-in formats. If
you must define *a* format with the same/similar details, use a custom
name for yours.
So, checked with squid -v and do not see “—enable-referrer_log” as one
of the configure options used during install. Would I need to
reinstall, or is that no longer necessary in version 4.13?
referer_log and the corresponding ./configure options have been removed
long time ago, probably before v4.13 was released.
Since Squid v3.2 that log has been a built-in logformat. Just configure
a log like this:
access_log daemon:/var/log/squid/access.log referrer
HTH
Amos
___
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] log_referrer question
On 2024-05-21 14:47, Bobby Matznick wrote:
To add and maybe clarify what my confusion is, the log entries below
(hidden internal/external IP’s, domain and username) don’t seem to show
what I expected, a line marked “referrer”. Am I misunderstanding how
that should show up in the log?
Kind of: HTTP CONNECT requests normally do not have Referer headers.
These requests establish a TCP tunnel to an origin server through Squid.
The "real" requests to origin server are inside that tunnel.
In some cases, it is possible to configure the client and Squid in such
a way that Squid can look inside that tunnel and find "real" requests,
but doing so well requires a lot of effort, including becoming a
Certificate Authority and configuring client to trust certificates
produced by that Certificate Authority. You can search for SslBump to
get more information, but the area is full of insurmountable
difficulties and misleading advice. Avoid it if at all possible.
HTH,
Alex.
--
Message: 1
Date: Tue, 21 May 2024 17:50:49 +
From: Bobby Matznick mailto:bmatzn...@pbandt.bank>>
To: "squid-users@lists.squid-cache.org
<mailto:squid-users@lists.squid-cache.org>"
<mailto:squid-users@lists.squid-cache.org>>
Subject: [squid-users] log_referrer question
Message-ID:
mailto:mw5pr14mb52897188c2ed83596b406151b0...@mw5pr14mb5289.namprd14.prod.outlook.com>>
Content-Type: text/plain; charset="utf-8"
I have been trying to use a combined log format for squid. The below
line in the squid config is my current attempt.
logformat combined %>a %[ui %[un [%tl "%rm %ru HTTP/%rv" %>Hs %"%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
It is working, as far as logging the normal stuff I would see before
having tried to implement referrer. I noticed somewhere that you need to
build squid with -enable-referrer-log, it was an older version, looked
like 3.1 and lower, I am using 4.13. So, checked with squid -v and do
not see "-enable-referrer_log" as one of the configure options used
during install. Would I need to reinstall, or is that no longer
necessary in version 4.13? Thanks!!
Bobby
___
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] log_referrer question
On 2024-05-21 13:50, Bobby Matznick wrote:
I have been trying to use a combined log format for squid. The below
line in the squid config is my current attempt.
logformat combined %>a %[ui %[un [%tl "%rm %ru HTTP/%rv" %>Hs %"%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
Please do not redefine built-in logformat configurations like "squid"
and "combined". Name and define your own instead.
It is working, as far as logging the normal stuff I would see before
having tried to implement referrer. I noticed somewhere that you need to
build squid with –enable-referrer-log, it was an older version, looked
like 3.1 and lower, I am using 4.13.
Please upgrade to v6. Squid v4 is not supported by the Squid Project.
So, checked with squid -v and do
not see “—enable-referrer_log” as one of the configure options used
during install. Would I need to reinstall, or is that no longer
necessary in version 4.13?
referer_log and the corresponding ./configure options have been removed
long time ago, probably before v4.13 was released.
HTH,
Alex.
*From:*squid-users *On
Behalf Of *squid-users-requ...@lists.squid-cache.org
*Sent:* Tuesday, April 23, 2024 6:00 AM
*To:* squid-users@lists.squid-cache.org
*Subject:* [External] squid-users Digest, Vol 116, Issue 31
*Caution:*This is an external email and has a suspicious subject or
content. Please take care when clicking links or opening attachments.
When in doubt, contact your IT Department
Send squid-users mailing list submissions to
squid-users@lists.squid-cache.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.squid-cache.org/listinfo/squid-users
or, via email, send a message with subject or body 'help' to
squid-users-requ...@lists.squid-cache.org
You can reach the person managing the list at
squid-users-ow...@lists.squid-cache.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of squid-users digest..."
Today's Topics:
1. Re: Warm cold times (Amos Jeffries)
2. Re: Container Based Issues Lock Down Password and Terminate
SSL (Amos Jeffries)
--
Message: 1
Date: Tue, 23 Apr 2024 19:41:37 +1200
From: Amos Jeffries mailto:squ...@treenet.co.nz>>
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Warm cold times
Message-ID: <9d8f4de6-c797-4e70-aaf5-c073f45c3...@treenet.co.nz
>
Content-Type: text/plain; charset=UTF-8; format=flowed
On 22/04/24 17:42, Jonathan Lee wrote:
> Has anyone else taken up the fun challenge of doing windows update
caching. It is amazing when it works right. It is a complex
configuration, but it is worth it to see a warm download come down that
originally took 30 mins instantly to a second client. I didn?t know how
much of the updates are the same across different vendor laptops.
>
There have been several people over the years.
The collected information is being gathered at
>
If you would like to check and update the information for the current
Windows 11 and Squid 6, etc. that would be useful.
Wiki updates are now made using github PRs against the repository at
>.
> Amazing stuff Squid team.
> I wish I could get some of the Roblox Xbox stuff to cache but it?s a
night to get running with squid in the first place, I had to splice a
bunch of stuff and also wpad the Xbox system.
FWIW, what I have seen from routing perspective is that Roblox likes to
use custom ports and P2P connections for a lot of things. So no high
expectations there, but anything cacheable is great news.
>> On Apr 18, 2024, at 23:55, Jonathan Lee wrote:
>>
>> ?Does anyone know the current warm cold download times for dynamic
cache of windows updates?
>>
>> I can say my experience was a massive increase in the warm download
it was delivered in under a couple mins versus 30 or so to download it
cold. The warm download was almost instant on the second device. Very
green energy efficient.
>>
>>
>> Does squid 5.8 or 6 work better on warm delivery?
There is no significant differences AFAIK. They both come down to what
you have configured. That said, the ongoing improvements may make v6
some amount of "better" - even if only trivial.
>> Is there a way to make 100 percent sure a docker container can?t get
inside the cache?
For Windows I would expect the only "100% sure" way is to completely
forbid access to the disk where the
[squid-users] log_referrer question
To add and maybe clarify what my confusion is, the log entries below (hidden
internal/external IP's, domain and username) don't seem to show what I
expected, a line marked "referrer". Am I misunderstanding how that should show
up in the log? Thanks
1716316179.294 0 ***.***.***.*** TCP_DENIED/407 4048 CONNECT
cc-api-data.adobe.io:443 - HIER_NONE/- text/html
1716316179.297 0 ***.***.***.***TCP_DENIED/407 4048 CONNECT
cc-api-data.adobe.io:443 - HIER_NONE/- text/html
1716316179.310 0 ***.***.***.***TCP_DENIED/407 4048 CONNECT
cc-api-data.adobe.io:443 - HIER_NONE/- text/html
1716316179.313 0 ***.***.***.***TCP_DENIED/407 4112 CONNECT
ib.adnxs.com:443 - HIER_NONE/- text/html
1716316179.316 0 ***.***.***.***TCP_DENIED/407 4144 CONNECT
htlb.casalemedia.com:443 - HIER_NONE/- text/html
1716316179.316 0 ***.***.***.***TCP_DENIED/407 4048 CONNECT
cc-api-data.adobe.io:443 - HIER_NONE/- text/html
1716316179.318 0 ***.***.***.***TCP_DENIED/407 4172 CONNECT
fastlane.rubiconproject.com:443 - HIER_NONE/- text/html
1716316179.320 0 ***.***.***.***TCP_DENIED/407 4152 CONNECT
hbopenbid.pubmatic.com:443 - HIER_NONE/- text/html
1716316179.322 20103 ***.***.***.***TCP_TUNNEL/200 3363 CONNECT
th.bing.com:443 ***\\Username HIER_DIRECT/***.***.***.***-
1716316179.324 0 ***.***.***.***TCP_DENIED/407 4132 CONNECT
bidder.criteo.com:443 - HIER_NONE/- text/html
1716316179.328 0 ***.***.***.***TCP_DENIED/407 4048 CONNECT
cc-api-data.adobe.io:443 - HIER_NONE/- text/html
1716316179.331 0 ***.***.***.***TCP_DENIED/407 4048 CONNECT
cc-api-data.adobe.io:443 - HIER_NONE/- text/html
From: squid-users On Behalf Of
squid-users-requ...@lists.squid-cache.org
Sent: Tuesday, May 21, 2024 11:51 AM
To: squid-users@lists.squid-cache.org
Subject: [External] squid-users Digest, Vol 117, Issue 23
Send squid-users mailing list submissions to
squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org>
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.squid-cache.org/listinfo/squid-users<https://lists.squid-cache.org/listinfo/squid-users>
or, via email, send a message with subject or body 'help' to
squid-users-requ...@lists.squid-cache.org<mailto:squid-users-requ...@lists.squid-cache.org>
You can reach the person managing the list at
squid-users-ow...@lists.squid-cache.org<mailto:squid-users-ow...@lists.squid-cache.org>
When replying, please edit your Subject line so it is more specific
than "Re: Contents of squid-users digest..."
Today's Topics:
1. log_referrer question (Bobby Matznick)
--
Message: 1
Date: Tue, 21 May 2024 17:50:49 +
From: Bobby Matznick mailto:bmatzn...@pbandt.bank>>
To:
"squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org>"
mailto:squid-users@lists.squid-cache.org>>
Subject: [squid-users] log_referrer question
Message-ID:
mailto:mw5pr14mb52897188c2ed83596b406151b0...@mw5pr14mb5289.namprd14.prod.outlook.com>>
Content-Type: text/plain; charset="utf-8"
I have been trying to use a combined log format for squid. The below line in
the squid config is my current attempt.
logformat combined %>a %[ui %[un [%tl "%rm %ru HTTP/%rv" %>Hs %h" "%{User-Agent}>h" %Ss:%Sh
It is working, as far as logging the normal stuff I would see before having
tried to implement referrer. I noticed somewhere that you need to build squid
with -enable-referrer-log, it was an older version, looked like 3.1 and lower,
I am using 4.13. So, checked with squid -v and do not see
"-enable-referrer_log" as one of the configure options used during install.
Would I need to reinstall, or is that no longer necessary in version 4.13?
Thanks!!
Bobby
From: squid-users
mailto:squid-users-boun...@lists.squid-cache.org>>
On Behalf Of
squid-users-requ...@lists.squid-cache.org<mailto:squid-users-requ...@lists.squid-cache.org>
Sent: Tuesday, April 23, 2024 6:00 AM
To: squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org>
Subject: [External] squid-users Digest, Vol 116, Issue 31
Caution: This is an external email and has a suspicious subject or content.
Please take care when clicking links or opening attachments. When in doubt,
contact your IT Department
Send squid-users mailing list submissions to
squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org%3cmailto:squid-users@lists.squid-cache.org>>
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.squid-cache.org/listinfo/squid-users<https://lists.squid-cache.org/listinfo/squid-users><https://lists.squid-cache.org/listinfo/squid-users<https://lists.squid-cache.org/listinfo/squid-users>>
or, via email, send a message with subject or
[squid-users] log_referrer question
I have been trying to use a combined log format for squid. The below line in
the squid config is my current attempt.
logformat combined %>a %[ui %[un [%tl "%rm %ru HTTP/%rv" %>Hs %h" "%{User-Agent}>h" %Ss:%Sh
It is working, as far as logging the normal stuff I would see before having
tried to implement referrer. I noticed somewhere that you need to build squid
with -enable-referrer-log, it was an older version, looked like 3.1 and lower,
I am using 4.13. So, checked with squid -v and do not see
"-enable-referrer_log" as one of the configure options used during install.
Would I need to reinstall, or is that no longer necessary in version 4.13?
Thanks!!
Bobby
From: squid-users On Behalf Of
squid-users-requ...@lists.squid-cache.org
Sent: Tuesday, April 23, 2024 6:00 AM
To: squid-users@lists.squid-cache.org
Subject: [External] squid-users Digest, Vol 116, Issue 31
Caution: This is an external email and has a suspicious subject or content.
Please take care when clicking links or opening attachments. When in doubt,
contact your IT Department
Send squid-users mailing list submissions to
squid-users@lists.squid-cache.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.squid-cache.org/listinfo/squid-users
or, via email, send a message with subject or body 'help' to
squid-users-requ...@lists.squid-cache.org
You can reach the person managing the list at
squid-users-ow...@lists.squid-cache.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of squid-users digest..."
Today's Topics:
1. Re: Warm cold times (Amos Jeffries)
2. Re: Container Based Issues Lock Down Password and Terminate
SSL (Amos Jeffries)
--
Message: 1
Date: Tue, 23 Apr 2024 19:41:37 +1200
From: Amos Jeffries mailto:squ...@treenet.co.nz>>
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Warm cold times
Message-ID:
<9d8f4de6-c797-4e70-aaf5-c073f45c3...@treenet.co.nz>
Content-Type: text/plain; charset=UTF-8; format=flowed
On 22/04/24 17:42, Jonathan Lee wrote:
> Has anyone else taken up the fun challenge of doing windows update caching.
> It is amazing when it works right. It is a complex configuration, but it is
> worth it to see a warm download come down that originally took 30 mins
> instantly to a second client. I didn?t know how much of the updates are the
> same across different vendor laptops.
>
There have been several people over the years.
The collected information is being gathered at
>
If you would like to check and update the information for the current
Windows 11 and Squid 6, etc. that would be useful.
Wiki updates are now made using github PRs against the repository at
>.
> Amazing stuff Squid team.
> I wish I could get some of the Roblox Xbox stuff to cache but it?s a night to
> get running with squid in the first place, I had to splice a bunch of stuff
> and also wpad the Xbox system.
FWIW, what I have seen from routing perspective is that Roblox likes to
use custom ports and P2P connections for a lot of things. So no high
expectations there, but anything cacheable is great news.
>> On Apr 18, 2024, at 23:55, Jonathan Lee wrote:
>>
>> ?Does anyone know the current warm cold download times for dynamic cache of
>> windows updates?
>>
>> I can say my experience was a massive increase in the warm download it was
>> delivered in under a couple mins versus 30 or so to download it cold. The
>> warm download was almost instant on the second device. Very green energy
>> efficient.
>>
>>
>> Does squid 5.8 or 6 work better on warm delivery?
There is no significant differences AFAIK. They both come down to what
you have configured. That said, the ongoing improvements may make v6
some amount of "better" - even if only trivial.
>> Is there a way to make 100 percent sure a docker container can?t get inside
>> the cache?
For Windows I would expect the only "100% sure" way is to completely
forbid access to the disk where the cache is stored.
The rest of your questions are about container management and Windows
configuration. Which are kind of off-topic.
Cheers
Amos
--
Message: 2
Date: Tue, 23 Apr 2024 20:03:42 +1200
From: Amos Jeffries mailto:squ...@treenet.co.nz>>
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Container Based Issues Lock
