I have an issue with access_log acls when a load balancer sends a TCP probe.
The goal is to not log errors caused by the TCP probes of the load balancer.
All other errors must be logged.
I did a test with the following acls on one of our test systems to illustrate
the issue:
logformat combha %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st %Ss:%Sh %>ha
acl src_lb src 10.2.2.254/32
acl src_lb src 10.2.2.107/32
access_log stdio:/local/squid4/logs/*lb*access.log combha src_lb
access_log stdio:/local/squid4/logs/access.log combha !src_lb
The logging is almost as expected: all HTTP(S) traffic from 10.2.2.107 goes to
lbaccess.log and all other traffic to access.log,
*but* imitating the TCP probe of the LB with a telnet session from 10.2.2.107 to the squid server which is immediately terminated or sends garbage, is logged with transaction-end-before-headers to
access.log, not lbaccess.log.
It seems that Squid, at the moment that it logs the
transaction-end-before-headers error, does not consider the access_log acls or
maybe has not yet processed the source IP to make the right decision.
Should the above acls send the errors to lbaccess.log ? If not, what set of
acls can do it?
Thanks,
Marcus
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
