Currently we're using a few blacklists (from abuse.ch) as ACLs on our
squid installation.

This is working well, but we want to create statistics on how many
clients were "caught" trying to access blocked sites.

Currently, we're grepping the log for TCP_DENIED in conjunction with the
patterns from the ACLs. This is working somewhat OK, but if access was
blocked using a pettern that was in use when the client tried to
access and was subsequently removed (prior to the time of the log
analysis process), it won't be found...

Is there any way around this? Like "tagging" rejects or logging the
ACL that caused the rejection? (Using squid-5 HEAD here)

-- 
Ralf Hildebrandt                   Charite Universitätsmedizin Berlin
ralf.hildebra...@charite.de        Campus Benjamin Franklin
https://www.charite.de             Hindenburgdamm 30, 12203 Berlin
Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Reply via email to