Squid (caching proxy)

See: http://www.squid-cache.org/

Custom Logging

Custom logging formats are easy to set up, and can be helpful in diagnosing traffic details (for instance for checking HTTP headers):

The following log has a human-readable datestamp, the apparent IP (which could be an upstream proxy or a load balancer for a reverse proxy configuration) and then three HTTP header fields to show some X-Forwarded-* header details:

logformat bjdeanlog %tl %>a %{x-forwarded-for}>h %{x-forwarded-proto}>h %{x-forwarded-port}>h
access_log /var/log/squid3/bjdean.log bjdeanlog

See: http://www.squid-cache.org/Doc/config/logformat/

Trusting X-Forwarded-* headers

If you trust up-stream providers of X-Forwarded-* headers (for instance where an X-Forwarded-For header was set by a load-balancer in front of squid) use follow_x_forwarded_for:

acl load_balancer src 10.1.2.
follow_x_forwarded_for allow load_balancer

See: http://www.squid-cache.org/Doc/config/follow_x_forwarded_for/

BradsWiki: System Admin/nix/Squid (last edited 2015-12-14 03:21:08 by BradleyDean)