Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Bypassing Squid Logging

Status
Not open for further replies.
heyyunus

heyyunus

IS-IT--Management
Joined
Apr 11, 2006
Messages
121
Location
US
Hi,

I am using Red Hat Linux 9 and squid 2.5 as the proxy server.

Is there any way i can create an ACL entry for a particular IP address to bypass the logging of squid.

In other words i dont want the IP a.b.c.d to get logged for all the HTTP requests placed on the net via the proxy server.

Thanks


-------
Yunus
 
Sort by date Sort by votes
Allow that address to go out directly on the gateway using iptables.

Cheers

QatQat

Life is what happens when you are making other plans.
 
Upvote 0 Downvote
hi,

I dont want to use iptables for some reason.
Any other idea for this.


-------
Yunus
 
Upvote 0 Downvote

That server also has one application server running which sends & recieves UDP packets from the Telecom service provider for SIP testing. The service provider IP's keep changing, so it will be an extra overhead for me.

Any other alternative method?

Thanks


-------
Yunus
 
Upvote 0 Downvote
I'm not gonna mention that you could set the iptables to allow that one app server on the inside unrestricted access to the 1 UDP port to/fromo any machine on a specified network at the other end... eliminating the need to change anything when they dink about with their IP's as long as they don't swap network. Nor that it sounds potentially unethical to be allow a singular host to bypass the proxy logging....I would be significanlty concerned about possible repurcussions.
 
Upvote 0 Downvote
In my case i have to bypass the logging of squid for one user.

I know that it seem a little doubtful case but what to do we have to follow instructions.


-------
Yunus
 
Upvote 0 Downvote
Well then I would recommend using iptables to ACCEPT and forward requests from that 1 host to the net. The catch here is that even if your "turn logging off" for 1 host, it's not really going to happen as squid still has to log it to cache the request. So technically the caching is still logging. I would seriously recommend requiring approval from:
A) Your manager
B) The person's manager
C) Human Resources and possibly
D) The Company's Legal Dept.

It just sounds too fishy to me. then if they really need it that bad jsut have iptables forward that machines request out to the net. Otherwise you're going to have to dig to turn off logging for 1 user in squid docs, I don't think it's designed to do it.
 
Upvote 0 Downvote
I must admit, it sounds fishy to me too.

QatQat

Life is what happens when you are making other plans.
 
Upvote 0 Downvote

Thanks everyone for your suggestions.
I have told my manager and have given up this thing.

Thanks once again to everyone.




-------
Yunus
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ComputersUnlimited
  • Locked
  • Question Question
Logging into SSH with PKI
Replies
2
Views
425
ComputersUnlimited
ComputersUnlimited
ady2012
  • Locked
  • Question Question
How set SELinux for LAMP, Nagios and Squid?
Replies
3
Views
337
ady2012
ady2012
NewtownGuy
  • Locked
  • Question Question
Logging scans received by wireless access point in Ubuntu server
Replies
0
Views
162
NewtownGuy
NewtownGuy
bazil2
  • Locked
  • Question Question
Logging in as root via SSH when using chroot
Replies
3
Views
283
Noway2
Noway2
tumichaelf
  • Locked
  • Question Question
Configure Logging for OpenLDAP on SLES
Replies
11
Views
607
tumichaelf
tumichaelf

Part and Inventory Search

Sponsor

Back
Top