In order not to be unfounded: https://bugs.squid-cache.org/show_bug.cgi?id=4572
I found workaround more than year ago, however I believe but still exists. PS. It's elementary to reproduce. Just specify cachemgr_passwd in squid.conf and do not disable password access to cachemgr stats. Then access to cachemgr from any tool like sqstat - with password (basic auth) - and see what will in access.log. Congrats, you just show your proxy manager password to all stats tool and anybody who watch your statistics reports. 25.01.2018 07:25, Yuri пишет: > > Everything is a little worse. If you need a password to access the > cachemanager - it will shown in the logs. I believe that this is a bug > and a hole in security. > > Preventing by ACL can be workaround, but hardly this is feature. > > > 24.01.2018 20:44, Amos Jeffries пишет: > > On 25/01/18 02:59, Alex Gutiérrez Martínez wrote: > >> Hello comunity, im using squid 3.3.8 on ubuntu 14.04.02 LTS. I have > >> implemented sqstat on this server to monitor my bandwidth. My > problem is > >> simple, i need to remove from my log the line created by sqstat. > >> > >> 1516801891.375 1 10.28.27.36 TCP_MISS/200 25526 GET > >> cache_object://localhost/active_requests - HIER_NONE/- text/plain > >> > >> > >> I tried using "access_log" directive, but until now the only thing i > >> acomplish is stop my squid using a bad configuration. > >> > >> Does anyone have an idea of how to solve this problem? > >> > > > access_log is the way to go, using the 'manager' ACL. > > > Somewhat like this: > > > access_log /var/log/squid/access.log squid !manager > > > > ... or if you want to log other manager access *except* for the sqstat > > ones. Then you will need an ACL that uniquely identifies sqstat instead > > of manager. > > > > Amos > > _______________________________________________ > > squid-users mailing list > > [email protected] > > http://lists.squid-cache.org/listinfo/squid-users > > -- ***************************** * C++20 : Bug to the future * *****************************
signature.asc
Description: OpenPGP digital signature
_______________________________________________ squid-users mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-users
