I am excited of the programm, that really works as I want!
Of course I mean squid daemon.
But there is a little problem.
I use a model when users from my lan may go through proxy only having been authenticated. I need to get statistics per user for ALL traffic
transferred through the cache.
Some of users use icq and of course through squid. I don't leave them chance to go other way. That works fine, but squid does NOT log these
connections as it logs other connections, made by the CONNECT method.
Say I want to go to www.nic.ru/whois/ and want to get an info
for sasha.ru domain. EVERY connection to this service is logged.
But when loggin into icq - only one entry is in the access.log:
1106896841.651 636 10.7.0.68 TCP_MISS/000 347 CONNECT login.icq.com:443 lena FIRST_UP_PARENT/10.0.0.78 -
Other connections that express real traffic are absent in the log.
My question is WHY. May be something is misconfigured? So I am sending a copy of my squid.conf file
Of course I know that proxy must NOT cache any ssl connections by the reason it doesn't understand this content. But it it seems to me it MUST log all events of such a type, that is size, username an so on.
So I thank you for reply beforehand. Waiting in anticipation. Recpectfully yours, Morozov Alexander.
cache_access_log /usr/local/squid/var/logs/access.050128
cache_effective_user squid cache_effective_group squid http_port 3128 cache_peer 10.0.0.78 parent 3128 3130 error_directory /usr/local/squid/share/errors/Russian-1251 cache_store_log none cache_mgr [EMAIL PROTECTED] ftp_user [EMAIL PROTECTED] #Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 119 # nntp acl Safe_ports port 5190 # icq acl Safe_ports port 443 563 # https, snews acl Safe_ports port 1025-65535 # unregistered ports acl CONNECT method CONNECT http_access deny to_localhost #http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports #Authentication auth_param basic program /usr/local/squid/libexec/wb_auth auth_param basic realm Internet auth_param basic children 5 auth_param basic credentialsttl 60 minutes external_acl_type NT_global_group %LOGIN /usr/local/squid/libexec/wb_group #ACLists for sources acl LAN src 10.7.0.0/16 acl LAN0 src 10.7.0.0/24 acl Class1 src 10.7.1.0/24 acl Class2 src 10.7.2.0/24 acl Class3 src 10.7.3.0/24 acl Class4 src 10.7.4.0/24 acl Class5 src 10.7.5.0/24 acl Class6 src 10.7.6.0/24 acl Class7 src 10.7.7.0/24 acl Unknown src 10.7.0.128/25 acl univ dstdomain .uniyar.ac.ru acl dst_local dst 193.233.49.64/26 10.7.0.0/24 acl url_local url_regex -i \.lan acl url_open url_regex -i "/usr/local/squid/etc/url/open" acl url_elibrary url_regex -i elibrary\.ru acl url_media url_regex -i "/usr/local/squid/etc/url/media" #ACLists for users acl usr proxy_auth REQUIRED acl usr_black proxy_auth -i "/usr/local/squid/etc/usr/black" acl prep external NT_global_group WebUsers acl usr_stud proxy_auth -i "/usr/local/squid/etc/usr/stud" # Rules http_access allow dst_local http_access allow url_local http_access allow LAN url_open http_access deny usr_black http_access allow LAN usr prep CONNECT http_access allow LAN usr prep http_access deny url_media usr_stud http_access allow LAN usr_stud #http_access allow LAN0 usr http_access deny all always_direct allow dst_local always_direct allow univ never_direct allow all
