Chris, I'm glad you are getting things figured out.
> 1. I was looking at the wrong portion of the log output > (I should have looked at the "status" portion, which is > the output directly after the "method URL" part (in the > common log file format, that is). You didn't respond to my question about which log file you were viewing. You did mention "common log file format", so I'll guess that you are looking at the /squid/access.log, and that your squid.conf file contains "emulate_httpd_log on". I've never used the emulate_httpd_log switch. There is a list of Squid log file analysis tools here: <http://www.squid-cache.org/Scripts/>. You didn't mention what you are trying to accomplish, but I've found Calamaris to be very useful. Anytime you ask something to act like something else you run the risk of losing information in the translation. You might want to see if the native log file format will meet your needs. You'll get help for some Squid issues here, but keep in mind, this is a squidGuard mailing list, not Squid. Rick -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Lundell Sent: Tuesday, December 04, 2001 8:37 AM To: Rick Matthews Cc: Squidguard Mailing List Subject: Re: help on redirects Hello Rick, Thanks for writing back - I *think* I figured things out: 1. I was looking at the wrong portion of the log output (I should have looked at the "status" portion, which is the output directly after the "method URL" part (in the common log file format, that is). 2. I ended up using CGI.pm in my script and modifed the header status using the "redirect" method with the "-status" argument (i.e., "$query->redirect( -status => "403 Forbidden" )";). This is all based on the assumption that 192.168.100.15 clundell - [04/Dec/2001:09:22:28 -0500] "GET http://www.porn.com/ HTTP/1.0" 403 584 TCP_CLIENT_REFRESH_MISS:DIRECT will be logged as a "denied" hit and not a hit which was allowed (because of "DIRECT" at the end). Is this a correct assumption? Thanks again for writing ;). Chris Rick Matthews wrote: > > Hi, I'd be glad to help with your questions but it's not clear to me > what you are asking. > > > 1. How can a redirection (in this case, a CGI script) > > specifically state a 403 error and not simply a redirection > > (even though squidGuard acts as a redirection)? > > Are you asking *how* to go about getting your redirection to do this? Or > are you asking *why* is your redirection doing this? Please post your > squidGuard.conf so we can see what you are trying to do. > > > The log > > file indicates that the forbidden url was actually reached, > > when actually it was simply redirected. > > Which log is showing that the forbidden url was reached? > > > 2. Is it possible not to log these attempts? > > Are we still talking about the attempt you mentioned above that was > successful? Do you not want to log the *successful* ones or the > *unsuccessful* ones? > > Is it possible to not log them *where* (which log file)? > > I'll be watching for your reply with answers to these questions. We'll > have you cooking in no time! > > Rick > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Lundell > Sent: Monday, December 03, 2001 1:26 PM > To: [EMAIL PROTECTED] > Subject: help on redirects > > Hello, > > I'm just about finished configuring squidGuard and I have a stumbling > block: > > 1. How can a redirection (in this case, a CGI script) specifically state > a 403 > error and not simply a redirection (even though squidGuard acts as a > redirection)? The log file indicates that the forbidden url was > actually > reached, when actually it was simply redirected. > 2. Is it possible not to log these attempts? > > Thank you, > Chris -- Chris
