Re: [squid-users] Squid ERR_CONNECT_FAIL SYSERR=110

Wed, 16 Jun 2021 11:21:57 -0700 

I'm running Squid 4.14 with the following custom log format:
logformat MyLogFormat  ---> local_time="[%tl]" squid_service=%{service}note 
squid_status=%Ss squid_hierarchy_status=%Sh ** lb_id=%{X-Request-Id}>h *FLOW0* 
orig_src_ip=%{X-Client-Egress-Ip}>h orig_src_port=%{X-Client-Egress-Port}>h  
lb_ingress_ip=%{X-LB-Ingress-Ip}>h lb_ingress_port=%{X-LB-Ingress-Port}>h 
*Flow1* lb_egress_ip=%>a lb_egress_port=%>p squid_ingress_ip=%>la 
squid_ingress_port=%>lp  *FLOW2* squid_egress_ip=%<la squid_egress_port=%<lp 
dst_ip=%<a dst_host=%<A dst_port=%<p ident_username=%[ui username=%[un 
request_method=%rm request="%rm %ru HTTP/%rv" status_code_from_server=%>Hs 
status_code_to_client=%<Hs referer="%{Referer}>h" user_agent="%{User-Agent}>h" 
protocol_version=%rv ** dns_response_time=%dt response_time=%tr mime_type=%mt 
*XFER*  total_request_size=%>st total_reply_size=%<st ** %{src_zone}note 
%{dst_zone}note %{method_category}note %{dst_category}note %{file_upload}note 
** REQUEST HEADERS %>h *** RESPONSE HEADERS %<h *** tag_returned=%et 
tag_string="%ea" previous_
 hop_mac=%>eui peer_response_time=%<pt total_response_time=%<tt *SSL* 
src_ssl_negotiated_version=%ssl::>negotiated_version 
dst_ssl_negotiated_version=%ssl::<negotiated_version 
src_tls_hello_version=%ssl::>received_hello_version  
dst_tls_hello_version=%ssl::<received_hello_version 
src_tls_max_version=%ssl::>received_supported_version 
dst_tls_max_version=%ssl::<received_supported_version 
src_tls_cipher=%ssl::>negotiated_cipher dst_tls_cipher=%ssl::<negotiated_cipher 
ssl_bump=%<bs ssl_bump_mode=%ssl::bump_mode ssl_sni=%ssl::>sni 
src_cert_subject="%ssl::>cert_subject" src_cert_issuer="%ssl::>cert_issuer" 
dst_cert_subject="%ssl::<cert_subject" dst_cert_issuer="%ssl::<cert_issuer" 
cert_errors="%ssl::<cert_errors" ssl_handshake="%>handshake" *** 
error_page_presented=%err_code err_detail="%err_detail"  rule_id=%{ruleid}note 
rule_type=%{ruletype}note  XFF="%{X-Forwarded-For}>h" 
squid_dst_app=%{dst_app}note

I normally don't see an issue as things are logged with %<a populated unless 
the destination doesn't resolve then %<a is blank with %err_code value being 
ERR_DNS_FAIL. Even then I see %>Hs=503, %<a contains an IP but I've noticed 
that on some very active destinations is just a hyphen. 
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Reply via email to