%>la for intercepted connections
This patch adjusts the %>la logformat code handling for intercepted
connections
based on the following rules:
- If the corresponding http_port or https_port option has an explicit
listening host name or IP address, then log the IP address.
- Otherwise, log a dash character.
Also adjusts %>lp logformat code handling for intercepted connections to
always
log the port number from the corresponding http_port or https_port option.
%>la for intercepted connections
This patch adjusts the %>la logformat code handling for intercepted connections
based on the following rules:
- If the corresponding http_port or https_port option has an explicit
listening host name or IP address, then log the IP address.
- Otherwise, log a dash character.
Also adjusts %>lp logformat code handling for intercepted connections to always
log the port number from the corresponding http_port or https_port option.
=== modified file 'src/AccessLogEntry.h'
--- src/AccessLogEntry.h 2011-08-20 08:21:11 +0000
+++ src/AccessLogEntry.h 2011-08-27 14:38:03 +0000
@@ -22,40 +22,41 @@
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
*
* Copyright (c) 2003, Robert Collins <[email protected]>
*/
#ifndef SQUID_HTTPACCESSLOGENTRY_H
#define SQUID_HTTPACCESSLOGENTRY_H
#include "comm/Connection.h"
#include "HttpVersion.h"
#include "HttpRequestMethod.h"
#include "HierarchyLogEntry.h"
#include "ip/Address.h"
#include "HttpRequestMethod.h"
#if ICAP_CLIENT
#include "adaptation/icap/Elements.h"
#endif
+#include "ProtoPort.h"
/* forward decls */
class HttpReply;
class HttpRequest;
class AccessLogEntry
{
public:
AccessLogEntry() : url(NULL), tcpClient(), reply(NULL), request(NULL),
adapted_request(NULL) {}
const char *url;
/// TCP/IP level details about the client connection
Comm::ConnectionPointer tcpClient;
// TCP/IP level details about the server or peer connection
// are stored in hier.tcpServer
/** \brief This subclass holds log info for HTTP protocol
@@ -131,40 +132,41 @@
#endif
{;
}
Ip::Address caddr;
int64_t requestSize;
int64_t replySize;
int requestHeadersSize; ///< received, including request line
int replyHeadersSize; ///< sent, including status line
int64_t highOffset;
int64_t objectSize;
log_type code;
int msec;
const char *rfc931;
const char *authuser;
const char *extuser;
#if USE_SSL
const char *ssluser;
#endif
+ http_port_list *port;
} cache;
/** \brief This subclass holds log info for various headers in raw format
* \todo shuffle this to the relevant protocol section.
*/
class Headers
{
public:
Headers() : request(NULL),
adapted_request(NULL),
reply(NULL) {}
char *request; //< virgin HTTP request headers
char *adapted_request; //< HTTP request headers after adaptation and redirection
char *reply;
} headers;
=== modified file 'src/client_side.cc'
--- src/client_side.cc 2011-08-16 00:01:21 +0000
+++ src/client_side.cc 2011-08-27 14:19:12 +0000
@@ -623,41 +623,44 @@
al.icp.opcode = ICP_INVALID;
al.url = log_uri;
debugs(33, 9, "clientLogRequest: al.url='" << al.url << "'");
if (al.reply) {
al.http.code = al.reply->sline.status;
al.http.content_type = al.reply->content_type.termedBuf();
} else if (loggingEntry() && loggingEntry()->mem_obj) {
al.http.code = loggingEntry()->mem_obj->getReply()->sline.status;
al.http.content_type = loggingEntry()->mem_obj->getReply()->content_type.termedBuf();
}
debugs(33, 9, "clientLogRequest: http.code='" << al.http.code << "'");
if (loggingEntry() && loggingEntry()->mem_obj)
al.cache.objectSize = loggingEntry()->contentLen();
al.cache.caddr.SetNoAddr();
- if (getConn() != NULL) al.cache.caddr = getConn()->log_addr;
+ if (getConn() != NULL) {
+ al.cache.caddr = getConn()->log_addr;
+ al.cache.port = cbdataReference(getConn()->port);
+ }
al.cache.requestSize = req_sz;
al.cache.requestHeadersSize = req_sz;
al.cache.replySize = out.size;
al.cache.replyHeadersSize = out.headers_sz;
al.cache.highOffset = out.offset;
al.cache.code = logType;
al.cache.msec = tvSubMsec(start_time, current_time);
if (request)
prepareLogWithRequestDetails(request, &al);
if (getConn() != NULL && getConn()->clientConnection != NULL && getConn()->clientConnection->rfc931[0])
al.cache.rfc931 = getConn()->clientConnection->rfc931;
#if USE_SSL && 0
=== modified file 'src/format/Format.cc'
--- src/format/Format.cc 2011-08-20 15:57:06 +0000
+++ src/format/Format.cc 2011-08-27 14:36:18 +0000
@@ -356,48 +356,55 @@
case LFT_SERVER_IP_ADDRESS:
if (al->hier.tcpServer != NULL) {
out = al->hier.tcpServer->remote.NtoA(tmp,sizeof(tmp));
}
break;
case LFT_SERVER_FQDN_OR_PEER_NAME:
out = al->hier.host;
break;
case LFT_SERVER_PORT:
if (al->hier.tcpServer != NULL) {
outint = al->hier.tcpServer->remote.GetPort();
doint = 1;
}
break;
case LFT_CLIENT_LOCAL_IP_OLD_31:
case LFT_CLIENT_LOCAL_IP:
if (al->tcpClient != NULL) {
- out = al->tcpClient->local.NtoA(tmp,sizeof(tmp));
+ if ((al->request->flags.spoof_client_ip || al->request->flags.intercepted) && al->cache.port) {
+ if (!al->cache.port->s.IsAnyAddr())
+ out = al->cache.port->s.NtoA(tmp, sizeof(tmp));
+ } else
+ out = al->tcpClient->local.NtoA(tmp,sizeof(tmp));
}
break;
case LFT_CLIENT_LOCAL_PORT_OLD_31:
case LFT_CLIENT_LOCAL_PORT:
if (al->tcpClient != NULL) {
- outint = al->tcpClient->local.GetPort();
+ if ((al->request->flags.spoof_client_ip || al->request->flags.intercepted) && al->cache.port)
+ outint = al->cache.port->s.GetPort();
+ else
+ outint = al->tcpClient->local.GetPort();
doint = 1;
}
break;
case LFT_SERVER_LOCAL_IP_OLD_27:
case LFT_SERVER_LOCAL_IP:
if (al->hier.tcpServer != NULL) {
out = al->hier.tcpServer->local.NtoA(tmp,sizeof(tmp));
}
break;
case LFT_SERVER_LOCAL_PORT:
if (al->hier.tcpServer != NULL) {
outint = al->hier.tcpServer->local.GetPort();
doint = 1;
}
break;
case LFT_TIME_SECONDS_SINCE_EPOCH:
=== modified file 'src/log/access_log.cc'
--- src/log/access_log.cc 2011-08-21 00:12:49 +0000
+++ src/log/access_log.cc 2011-08-27 14:36:50 +0000
@@ -579,40 +579,41 @@
accessLogFreeMemory(AccessLogEntry * aLogEntry)
{
safe_free(aLogEntry->headers.request);
#if ICAP_CLIENT
safe_free(aLogEntry->adapt.last_meta);
#endif
safe_free(aLogEntry->headers.reply);
safe_free(aLogEntry->cache.authuser);
safe_free(aLogEntry->headers.adapted_request);
HTTPMSGUNLOCK(aLogEntry->adapted_request);
HTTPMSGUNLOCK(aLogEntry->reply);
HTTPMSGUNLOCK(aLogEntry->request);
#if ICAP_CLIENT
HTTPMSGUNLOCK(aLogEntry->icap.reply);
HTTPMSGUNLOCK(aLogEntry->icap.request);
#endif
+ cbdataReferenceDone(aLogEntry->cache.port);
}
int
logTypeIsATcpHit(log_type code)
{
/* this should be a bitmap for better optimization */
if (code == LOG_TCP_HIT)
return 1;
if (code == LOG_TCP_IMS_HIT)
return 1;
if (code == LOG_TCP_REFRESH_FAIL_OLD)
return 1;
if (code == LOG_TCP_REFRESH_UNMODIFIED)
return 1;
if (code == LOG_TCP_NEGATIVE_HIT)
