Currently we're using a few blacklists (from abuse.ch) as ACLs on our squid installation.
This is working well, but we want to create statistics on how many clients were "caught" trying to access blocked sites. Currently, we're grepping the log for TCP_DENIED in conjunction with the patterns from the ACLs. This is working somewhat OK, but if access was blocked using a pettern that was in use when the client tried to access and was subsequently removed (prior to the time of the log analysis process), it won't be found... Is there any way around this? Like "tagging" rejects or logging the ACL that caused the rejection? (Using squid-5 HEAD here) -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.de Campus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155 _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
