I put together an addition to the ACL listing which logs when it is reached. The patch is attached if anyone is interested. You add an acl line like so:
acl myaclname logger true
The above will always match. Doing this will force it to never match:
acl myaclname logger false
It will log in either case. But it is useful to find out if certain things would match.
-- David Nicklay Location: CNN Center - SE0811A Office: 404-827-2698 Cell: 404-545-6218
--- ./squid-3.0-PRE3-20040309-orig/src/Makefile.am Mon Oct 20 07:23:38 2003 +++ ./squid-3.0-PRE3-20040309/src/Makefile.am Tue Mar 9 15:54:42 2004 @@ -241,6 +241,8 @@ ACLIntRange.h \ ACLIP.cc \ ACLIP.h \ + ACLLogger.cc \ + ACLLogger.h \ ACLMaxConnection.cc \ ACLMaxConnection.h \ ACLMaxUserIP.cc \ --- ./squid-3.0-PRE3-20040309-orig/src/Makefile.in Mon Oct 20 20:13:59 2003 +++ ./squid-3.0-PRE3-20040309/src/Makefile.in Tue Mar 9 15:55:39 2004 @@ -412,6 +412,8 @@ ACLIntRange.h \ ACLIP.cc \ ACLIP.h \ + ACLLogger.cc \ + ACLLogger.h \ ACLMaxConnection.cc \ ACLMaxConnection.h \ ACLMaxUserIP.cc \ @@ -998,6 +1000,7 @@ ACLDestinationDomain.h ACLDestinationIP.cc ACLDestinationIP.h \ ACLDomainData.h ACLDomainData.cc ACLExtUser.h ACLExtUser.cc \ ACLIntRange.cc ACLIntRange.h ACLIP.cc ACLIP.h \ + ACLLogger.cc ACLLogger.h \ ACLMaxConnection.cc ACLMaxConnection.h ACLMaxUserIP.cc \ ACLMaxUserIP.h ACLMethod.cc ACLMethod.h ACLMethodData.cc \ ACLMethodData.h ACLMyIP.cc ACLMyIP.h ACLMyPort.cc ACLMyPort.h \ @@ -1071,6 +1074,7 @@ ACLDestinationDomain.$(OBJEXT) ACLDestinationIP.$(OBJEXT) \ ACLDomainData.$(OBJEXT) ACLExtUser.$(OBJEXT) \ ACLIntRange.$(OBJEXT) ACLIP.$(OBJEXT) \ + ACLLogger.$(OBJEXT) \ ACLMaxConnection.$(OBJEXT) ACLMaxUserIP.$(OBJEXT) \ ACLMethod.$(OBJEXT) ACLMethodData.$(OBJEXT) ACLMyIP.$(OBJEXT) \ ACLMyPort.$(OBJEXT) ACLProtocol.$(OBJEXT) \ @@ -1183,7 +1187,7 @@ ACLData.h ACLDestinationDomain.cc ACLDestinationDomain.h \ ACLDestinationIP.cc ACLDestinationIP.h ACLDomainData.h \ ACLDomainData.cc ACLExtUser.h ACLExtUser.cc ACLIntRange.cc \ - ACLIntRange.h ACLIP.cc ACLIP.h ACLMaxConnection.cc \ + ACLIntRange.h ACLIP.cc ACLIP.h ACLLogger.cc ACLMaxConnection.cc \ ACLMaxConnection.h ACLMaxUserIP.cc ACLMaxUserIP.h ACLMethod.cc \ ACLMethod.h ACLMethodData.cc ACLMethodData.h ACLMyIP.cc \ ACLMyIP.h ACLMyPort.cc ACLMyPort.h ACLProtocol.cc ACLProtocol.h \ @@ -1307,6 +1311,7 @@ @AMDEP_TRUE@ ./$(DEPDIR)/ACLDomainData.Po \ @AMDEP_TRUE@ ./$(DEPDIR)/ACLExtUser.Po ./$(DEPDIR)/ACLIP.Po \ @AMDEP_TRUE@ ./$(DEPDIR)/ACLIdent.Po ./$(DEPDIR)/ACLIntRange.Po \ [EMAIL PROTECTED]@ ./$(DEPDIR)/ACLLogger.Po \ @AMDEP_TRUE@ ./$(DEPDIR)/ACLMaxConnection.Po \ @AMDEP_TRUE@ ./$(DEPDIR)/ACLMaxUserIP.Po \ @AMDEP_TRUE@ ./$(DEPDIR)/ACLMethod.Po \ @@ -1632,6 +1637,7 @@ @AMDEP_TRUE@@am__include@ @[EMAIL PROTECTED]/$(DEPDIR)/[EMAIL PROTECTED]@ @AMDEP_TRUE@@am__include@ @[EMAIL PROTECTED]/$(DEPDIR)/[EMAIL PROTECTED]@ @AMDEP_TRUE@@am__include@ @[EMAIL PROTECTED]/$(DEPDIR)/[EMAIL PROTECTED]@ [EMAIL PROTECTED]@@am__include@ @[EMAIL PROTECTED]/$(DEPDIR)/[EMAIL PROTECTED]@ @AMDEP_TRUE@@am__include@ @[EMAIL PROTECTED]/$(DEPDIR)/[EMAIL PROTECTED]@ @AMDEP_TRUE@@am__include@ @[EMAIL PROTECTED]/$(DEPDIR)/[EMAIL PROTECTED]@ @AMDEP_TRUE@@am__include@ @[EMAIL PROTECTED]/$(DEPDIR)/[EMAIL PROTECTED]@ --- ./squid-3.0-PRE3-20040309-orig/src/ACLLogger.cc Wed Dec 31 19:00:00 1969 +++ ./squid-3.0-PRE3-20040309/src/ACLLogger.cc Tue Mar 9 16:16:34 2004 @@ -0,0 +1,139 @@ +/* + * DEBUG: section 28 Access Control Logger + * AUTHOR: David Nicklay + * + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- + * + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. + * + */ + +#include "squid.h" +#include "ACLLogger.h" + + +ACL::Prototype ACLLogger::RegistryProtoype(&ACLLogger::RegistryEntry_, "logger"); +ACLLogger ACLLogger::RegistryEntry_("logger"); + +ACL * +ACLLogger::clone() const +{ + return new ACLLogger(*this); +} + +ACLLogger::ACLLogger (char const *theClass) : class_ (theClass) +{} + +ACLLogger::ACLLogger (ACLLogger const & old) :class_ (old.class_) +{} + +MemPool (*ACLLogger::Pool)(NULL); + +void * +ACLLogger::operator new (size_t byteCount) +{ + /* derived classes with different sizes must implement their own new */ + assert (byteCount == sizeof (ACLLogger)); + + if (!Pool) + Pool = memPoolCreate("ACLLogger", sizeof (ACLLogger)); + + return memPoolAlloc(Pool); +} + +void +ACLLogger::prepareForUse() +{ + matches = 0; +} + +void +ACLLogger::operator delete (void *address) +{ + memPoolFree (Pool, address); +} + +ACLLogger::~ACLLogger() +{} + +char const * +ACLLogger::typeString() const +{ + return class_; +} + +bool +ACLLogger::valid () const +{ + return 1; +} + +void +ACLLogger::parse() +{ + char *t = strtokFile(); + + if (!t) + fatal("ACLLogger::parse: Malformed ACL\n"); + + debug(28, 5) ("ACLLogger::parse: First token is %s\n", t); + + if (strcasecmp("true", t) == 0) { + my_match_policy = 1; + debug(28, 5) ("ACLLogger::parse: ACL is set to always match\n"); + } else if (strcasecmp("false", t) == 0) { + my_match_policy = 0; + debug(28, 5) ("ACLLogger::parse: ACL is set to never match\n"); + } else { + fatal("ACLLogger::parse: argument was not one of 'true' or 'false'\n"); + } + return; +} + + +/* + * Log something if this matches + */ +int +ACLLogger::match(ACLChecklist *checklist) +{ + matches++; + debug(28, 0) ("ACLLogger::match: Matches=%u\n",matches); + return my_match_policy; +} + +wordlist * +ACLLogger::dump() const +{ + wordlist *W = NULL; + + char buf[128]; + + snprintf(buf, sizeof(buf), "%lu", (unsigned long int) matches); + + wordlistAdd(&W, buf); + + return W; +} --- ./squid-3.0-PRE3-20040309-orig/src/ACLLogger.h Wed Dec 31 19:00:00 1969 +++ ./squid-3.0-PRE3-20040309/src/ACLLogger.h Tue Mar 9 16:17:33 2004 @@ -0,0 +1,69 @@ + +/* + * + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- + * + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. + * + */ + + +#ifndef SQUID_ACLLOGGER_H +#define SQUID_ACLLOGGER_H +#include "ACL.h" +#include "ACLChecklist.h" + +class ACLLogger : public ACL +{ + +public: + void *operator new(size_t); + void operator delete(void *); + + ACLLogger(char const *); + ACLLogger(ACLLogger const &); + ~ACLLogger(); + ACLLogger&operator=(ACLLogger const &); + + virtual ACL *clone()const; + virtual char const *typeString() const; + virtual void parse(); + virtual int match(ACLChecklist *checklist); + virtual wordlist *dump() const; + virtual bool valid () const; + virtual bool requiresRequest() const {return true;} + virtual void prepareForUse(); + +private: + static MemPool *Pool; + static Prototype RegistryProtoype; + static ACLLogger RegistryEntry_; + + unsigned int matches; + int my_match_policy; + char const *class_; +}; + +#endif /* SQUID_ACLLOGGER_H */
