having problem wid access.log

sarbazix · Post by **sarbazix** » Fri Feb 20, 2004 5:39 am

salam,
i m having problem wid access.log i m not getting full log of ip address i only get 192.168.0.0 in my access.log im using redhat linux 8.0 and squid Squid/2.4.STABLE7

access.log seems like this

<>-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

1074559029.077 807 192.168.0.0 TCP_MISS/302 540 GET http://red.clientapps.yahoo.com/customi ... yahoo.com/ - DIRECT/216.109.127.247 text/html
1074559031.661 2543 192.168.0.0 TCP_MISS/200 24451 GET http://mail.yahoo.com/ - DIRECT/216.109.127.60 text/html
1074559036.470 121 192.168.0.0 TCP_MISS/000 0 GET http://red.clientapps.yahoo.com/customi ... yahoo.com/ - NONE/- -
1074559037.165 630 192.168.0.0 TCP_MISS/302 540 GET http://red.clientapps.yahoo.com/customi ... yahoo.com/ - DIRECT/216.109.127.249 text/html
1074559037.788 105 192.168.0.0 TCP_MISS/503 1141 GET http://www.urduistan.com/ - NONE/- -
1074559038.977 1795 192.168.0.0 TCP_MISS/200 24451 GET http://mail.yahoo.com/ - DIRECT/216.109.127.60 text/html
1074559039.242 1225 192.168.0.0 TCP_MISS/200 413 POST http://gbs.gator.com/gbs/gbs.dll? - DIRECT/64.157.165.249 application/octet-stream

===================================
where i m mistaking ?? my squid.conf is configured like this
===================================
http_port 3128 8080
icp_port 3130
tcp_outgoing_address 0.0.0.0
udp_incoming_address 0.0.0.0
udp_outgoing_address 0.0.0.0
dead_peer_timeout 10 seconds
acl QUERY urlpath_regex cgi-bin \?
acl MAILQUERY urlpath_regex mail
no_cache deny QUERY

no_cache deny MAILQUERY
cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 9000 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
cache_dir ufs /cache 25000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
emulate_httpd_log off
log_ip_on_direct on
mime_table /etc/squid/mime.conf
log_mime_hdrs off
pid_filename /var/run/squid.pid
debug_options ALL,1
log_fqdn off
client_netmask 255.255.255.0
ftp_list_width 32
dns_nameservers 192.168.0.1 202.88.125.20
redirect_children 10
redirect_rewrites_host_header off
request_header_max_size 10 KB
request_body_max_size 0 MB
reply_body_max_size 0
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
reference_age 1 week
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
negative_ttl 0 minutes
positive_dns_ttl 24 hours
negative_dns_ttl 1 minutes
range_offset_limit 0 KB
connect_timeout 120 seconds
peer_connect_timeout 30 seconds
siteselect_timeout 4 seconds
read_timeout 15 minutes
request_timeout 30 seconds
client_lifetime 1 day
half_closed_clients on
pconn_timeout 120 seconds
ident_timeout 10 seconds
shutdown_lifetime 30 seconds
acl all src 0.0.0.0/0.0.0.0
acl dlfilter urlpath_regex \.dat$ \.avi$ \.mpg$
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255 192.168.0.0/255.255.255.0
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl CONNECT method CONNECT
acl kazaa port 1214
acl opasoft dstdomain .opasoft.com desktop.kazaa.com
http_access allow manager localhost
http_access deny manager
http_access deny kazaa
http_access deny dlfilter
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny opasoft
http_access allow localhost
http_access deny all
icp_access allow localhost
icp_access deny all
miss_access allow all
cache_mgr Sarbaz
visible_hostname proxy.sarbaz.net.uk
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
dns_testnames netscape.com internic.net nlanr.net microsoft.com
tcp_recv_bufsize 0 bytes
icp_hit_stale off
store_avg_object_size 13 KB
store_objects_per_bucket 50
netdb_low 900
netdb_high 1000
netdb_ping_period 5 minutes
unique_hostname proxy.sarbaz.net.uk
=============================================
wht m i doing wrong in it .. any 1 can help ???

Post by **LinuxFreaK** » Sat Feb 21, 2004 12:26 am

Dear sarbazix,
Salam,

Check this out http://www.linuxpakistan.net/forum2x/vi ... .php?t=414

http_port 3128

# Default Settings
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

cache_mem 256 MB
maximum_object_size 32768 KB

cache_dir ufs /cache 7000 16 256

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
cache_swap_log /var/log/squid/cache_swap_log

cache_replacement_policy heap GDSF

# Generate an error "Permission Denied"
# mime_table /root/production/squid_proxy/mime.conf
mime_table /etc/squid/mime.conf

pid_filename /var/run/squid.pid

ftp_user Squid@example.com
ftp_list_width 64

# cache_dns_program /usr/lib/squid/dnsserver
#cache_dns_program /root/production/squid_proxy/squid/bin/dnsserver
#cache_dns_program /program/squid/bin/dnsserver

#dns_children 10

# TAG: unlinkd_program
# Specify the location of the executable for file deletion process.
# This isn't needed if you are using async-io since it's handled by
# a thread.
#
#unlinkd_program /usr/lib/squid/unlinkd

# refresh_pattern . 0 20% 4320 override-expire reload-into-ims override-lastmod
refresh_pattern . 0 40% 5000 override-expire reload-into-ims override-lastmod
reference_age 12 month

quick_abort_min 16 KB
quick_abort_max 1 MB
quick_abort_pct 95

negative_ttl 1 minutes
positive_dns_ttl 12 hours
negative_dns_ttl 5 minutes

range_offset_limit 0 KB

shutdown_lifetime 30 seconds
#Defaults:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl CONNECT method CONNECT
acl example src 192.168.0.1/255.255.255.0
acl local-servers dstdomain example.com
acl snmppublic snmp_community public

#Donot Cache Local address like www.example.com, mail etc...
acl Local dst 192.168.0.1/24
no_cache deny Local
acl BadURL url_regex -i root.exe
acl BadURL url_regex -i cmd.exe
http_access deny BadURL
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow example
http_access deny all
icp_access allow all
miss_access allow all
cache_mgr sysadmin
cache_effective_user squid
cache_effective_group squid

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

visible_hostname proxy.example.com

#dns_testnames netscape.com internic.net nlanr.net microsoft.com

# It is best to get in the habit of using 'squid -k rotate' i
# stead of 'kill -USR1 <pid>'.

logfile_rotate 4
append_domain .example.com

# Set to zero to use the default buffer size.
tcp_recv_bufsize 0 bytes
cachemgr_passwd newpass all
reload_into_ims on

always_direct allow local-servers
always_direct deny all

snmp_port 3401
#Example:
snmp_access allow snmppublic
snmp_access deny all
offline_mode on
uri_whitespace allow
prefer_direct off

Best Regards.

sarbazix · Post by **sarbazix** » Sat Feb 21, 2004 4:59 pm

salam farrukh bhai
thnkx for ur reply but if i reconfigure my squid den how cud i save my cache.... my cache drive is 14 GB full and i dnt want to lose all that is there's a way to save den plz let me knw..

Post by **LinuxFreaK** » Sat Feb 21, 2004 5:02 pm

Dear sarbazix,
Salam,

Always make your Cache in Another Hard Disk is the best way to save your cache and if System Crash then there is no problem just need to install OS and configure Squid

Best Regards.

sarbazix · Post by **sarbazix** » Sat Feb 21, 2004 5:10 pm

i hv a seperate partician for cache and if i run squid -z den it will delete d previous cache's which hv been generated from my old squid ???

Post by **LinuxFreaK** » Sat Feb 21, 2004 5:54 pm

Dear sarbazix,
Salam,

sarbazix wrote:i hv a seperate partician for cache and if i run squid -z den it will delete d previous cache's which hv been generated from my old squid ???

You just need to start squid with service squid start but make sure that your old cache hard disk were mount at your old squid cache path

Best Regards.

sarbazix · Post by **sarbazix** » Sat Feb 21, 2004 6:46 pm

hi again ...
i hv downloaded squid from da given site and i hv configure it wid
my previous squid.conf is in /etc/squid/squid.conf

./configure --prefix=/etc/squid
make all
make install

after doing all this ... i did pico/etc/squid/squid.conf it's da same conf file i think it hvnt been changed or i hvnt configured it correctly wht shud i do

Post by **LinuxFreaK** » Sat Feb 21, 2004 6:49 pm

Dear sarbazix,
Salam,

Just Configure your squid.conf or place your old config file and then start service

Best Regards.

sarbazix · Post by **sarbazix** » Sun Feb 22, 2004 3:02 am

LinuxFreaK wrote:Dear sarbazix,
Salam,

Just Configure your squid.conf or place your old config file and then start service

Best Regards.

farrukh bhai i hv reconfigured my server again and downloded da new stable version of squid and i m getting da same problem in access.log

077400409.027 6 192.168.0.0 TCP_MISS/304 258 GET http://www.apniisp.com/st_tdirectory.gif - DIRECT/66.36.246.122 image/gif
1077400409.032 4 192.168.0.0 TCP_MISS/304 258 GET http://www.apniisp.com/st_recipe.gif - DIRECT/66.36.246.122 image/gif
1077400409.077 3452 192.168.0.0 TCP_MISS/200 4183 GET http://www.apniisp.com/anni_top.gif - DIRECT/66.36.246.122 image/gif
1077400410.759 1961 192.168.0.0 TCP_MISS/304 369 GET http://www.apniisp.com/cell_msnmania.gif - DIRECT/66.36.246.122 -
1077400410.761 5215 192.168.0.0 TCP_MISS/403 1347 GET http://www.pakranks.com/ranks/ranks.cgi? - DIRECT/66.223.126.78 text/html
1077400410.778 17 192.168.0.0 TCP_MISS/304 258 GET http://www.apniisp.com/ispmenu_end.gif - DIRECT/66.36.246.122 image/gif
1077400410.781 18 192.168.0.0 TCP_MISS/403 1345 GET http://www.apniisp.com/st_coolsite.gif? - DIRECT/66.36.246.122 text/html
1077400410.784 5 192.168.0.0 TCP_MISS/403 1336 GET http://www.apniisp.com/st_wall.gif? - DIRECT/66.36.246.122 text/html
1077400410.788 6 192.168.0.0 TCP_MISS/403 1379 GET http://webapps.nerdsonsite.com/cgi-bin/online/count.cgi? - DIRECT/216.99.105.33 text/html

wht shud i do ... ??

Post by **LinuxFreaK** » Sun Feb 22, 2004 9:12 pm

Dear sarbazix,
Salam,

Are you browsering on the same machine where you did configured you Squid ? If yes then try to browse from your Client

Best Regards.

sarbazix · Post by **sarbazix** » Mon Feb 23, 2004 4:26 pm

LinuxFreaK wrote:Dear sarbazix,
Salam,

Are you browsering on the same machine where you did configured you Squid ? If yes then try to browse from your Client

Best Regards.

salam again
farrukh bhai yara ofcourse i m browsing from client side

but da problem has been solved i havnt restarted squid service

thnkx for everything,

cya soon

Post by **lambda** » Wed Feb 25, 2004 10:55 am

sarbazix wrote:i m having problem wid access.log i m not getting full log of ip address i only get 192.168.0.0 in my access.log im using redhat linux 8.0 and squid Squid/2.4.STABLE7

the pertinent question is: how are your packets getting to squid? that is the key to solving your problem.

sarbazix · Post by **sarbazix** » Wed Feb 25, 2004 8:07 pm

lambda wrote:
sarbazix wrote:i m having problem wid access.log i m not getting full log of ip address i only get 192.168.0.0 in my access.log im using redhat linux 8.0 and squid Squid/2.4.STABLE7
the pertinent question is: how are your packets getting to squid? that is the key to solving your problem.

salam lambda,
the problem has been solved and it was because of a single line
client_netmask 255.255.255.0
by removing this line i m getting all da ip's in my access.log

thnkx guys

linuxpakistan.net

having problem wid access.log

having problem wid access.log

Re:

Re:

Re:

Re:

Re:

Re:

Re:

Re: having problem wid access.log

Re: having problem wid access.log