which applies to both ICAP and eCAP.</p>
<tag>logformat</tag>
+ <p><em>%<a</em> Server or Peer IP address from the last server connection (next hop).
<p><em>%>bs</em> Number of HTTP-equivalent message body bytes received from the next hop.
<p><em>icap::%>bs</em> Number of message body bytes received from the ICAP server.
<p><em>%sn</em> Unique sequence number per log line. Ported from 2.7
- <p><em>%>eui</em> EUI logging (EUI-48 / MAC address for IPv4, EUI-64 for IPv6)
+ <p><em>%>eui</em> EUI logging (EUI-48 / MAC address for IPv4, EUI-64 for IPv6).
Both EUI forms are logged in the same field. Type can be identified by length or byte delimiter.
- <p><em>%err_code</em> The ID of an error response served by Squid or
- a similar internal error identifier
+ <p><em>%err_code</em> The ID of an error response served by Squid or a similar internal error identifier
<p><em>%err_detail</em> Additional err_code-dependent error information.
+ <p><em>%>la</em> Rename of %la to indicate being a client connection detail.
+ <p><em>%>lp</em> Rename of %lp to indicate being a client connection detail.
+ <p><em>%<p</em> Server or Peer port number from the last server connection (next hop).
<tag>memory_pools_limit</tag>
<p>Memory limits have been revised and corrected from 3.1.4 onwards.
<tag>log_fqdn</tag>
<p>Obsolete. Replaced by automatic detection of the %>A logformat tag.
+ <tag>log_ip_on_direct</tag>
+ <p>Obsolete. Use a custom log with <em>%<A</em> format tag to receive server FQDN or peer name.
+
<tag>maximum_single_addr_tries</tag>
<p>The behaviour controlled by this directive is no longer possible.
It has been replaced by <em>connect_retries</em> option which operates a little differently.
>a Client source IP address
>A Client FQDN
>p Client source port
- >eui Client EUI (MAC address, EUI-48 or EUI-64 identifier)
- <A Server IP address or peer name
- la Local IP address (http_port)
- lp Local port number (http_port)
+ >eui Client source EUI (MAC address, EUI-48 or EUI-64 identifier)
+ >la Local IP address the client connected to
+ >lp Local port number the client connected to
+
+ <a Server IP address of the last server or peer connection
+ <A Server FQDN or peer name
+ <p Server port number of the last server or peer connection
<la Local IP address of the last server or peer connection
<lp Local port number of the last server or peer connection
tr Response time (milliseconds)
dt Total time spent making DNS lookups (milliseconds)
- HTTP cache related format codes:
+ Access Control related format codes:
+
+ et Tag returned by external acl
+ ea Log string returned by external acl
+ un User name (any available)
+ ul User name from authentication
+ ue User name from external acl helper
+ ui User name from ident
+ us User name from SSL
+
+ HTTP related format codes:
[http::]>h Original request header. Optional header name argument
on the format header[:[separator]element]
Optional header name argument as for >h
[http::]<h Reply header. Optional header name argument
as for >h
- [http::]un User name
- [http::]ul User name from authentication
- [http::]ui User name from ident
- [http::]us User name from SSL
- [http::]ue User name from external acl helper
[http::]>Hs HTTP status code sent to the client
[http::]<Hs HTTP status code received from the next hop
[http::]<bs Number of HTTP-equivalent message body bytes
transfer encoding and control messages.
Generated FTP/Gopher listings are treated as
received bodies.
- [http::]Ss Squid request status (TCP_MISS etc)
- [http::]Sh Squid hierarchy status (DEFAULT_PARENT etc)
[http::]mt MIME content type
[http::]rm Request method (GET/POST etc)
[http::]>rm Request method from client
[http::]rv Request protocol version
[http::]>rv Request protocol version from client
[http::]<rv Request protocol version sent to server or peer
- [http::]et Tag returned by external acl
- [http::]ea Log string returned by external acl
[http::]<st Sent reply size including HTTP headers
[http::]>st Received request size including HTTP headers. In the
case of chunked requests the chunked encoding metadata
sent to the first selected peer. The timer stops
with the last I/O with the last peer.
+ Squid handling related format codes:
+
+ Ss Squid request status (TCP_MISS etc)
+ Sh Squid hierarchy status (DEFAULT_PARENT etc)
+
If ICAP is enabled, the following code becomes available (as
well as ICAP log codes documented with the icap_log option):
The default formats available (which do not need re-defining) are:
-logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
+logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<a %mt
logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st %Ss:%Sh
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
logformat referrer %ts.%03tu %>a %{Referer}>h %ru
logformat useragent %>a [%tl] "%{User-Agent}>h"
- When the log_mime_hdrs directive is set to ON. The squid, common and combined
- formats have a safely encoded copy of the mime headers appended to each line
- within a pair of brackets.
+ NOTE: When the log_mime_hdrs directive is set to ON.
+ The squid, common and combined formats have a safely encoded copy
+ of the mime headers appended to each line within a pair of brackets.
+
+ NOTE: The common and combined formats are not quite true to the Apache definition.
+ The logs from Squid contain an extra status and hierarchy code appended.
- The common and combined formats are not quite true to the Apache definition.
- The logs from Squid contain an extra status and hierarchy code appended.
DOC_END
NAME: access_log cache_access_log
DOC_END
NAME: log_ip_on_direct
-COMMENT: on|off
-TYPE: onoff
-DEFAULT: on
-LOC: Config.onoff.log_ip_on_direct
+TYPE: obsolete
DOC_START
- Log the destination IP address in the hierarchy log tag when going
- direct. Earlier Squid versions logged the hostname here. If you
- prefer the old way set this to off.
+ Remove this option from your config. To log server or peer names use %<A in the log format.
DOC_END
NAME: mime_table
}
break;
-#if USE_SQUID_EUI
case LFT_CLIENT_EUI:
+#if USE_SQUID_EUI
// TODO make the ACL checklist have a direct link to any TCP details.
if (al->request && al->request->clientConnectionManager.valid() && al->request->clientConnectionManager->clientConnection != NULL) {
if (al->request->clientConnectionManager->clientConnection->remote.IsIPv4())
al->request->clientConnectionManager->clientConnection->remoteEui64.encode(tmp, 1024);
out = tmp;
}
- break;
+#else
+ out = "-";
#endif
+ break;
- /* case LFT_SERVER_IP_ADDRESS: */
+ case LFT_SERVER_IP_ADDRESS:
+ if (al->hier.tcpServer != NULL) {
+ out = al->hier.tcpServer->remote.NtoA(tmp,sizeof(tmp));
+ }
+ break;
- case LFT_SERVER_IP_OR_PEER_NAME:
+ case LFT_SERVER_FQDN_OR_PEER_NAME:
out = al->hier.host;
-
break;
- /* case LFT_SERVER_PORT: */
+ case LFT_SERVER_PORT:
+ if (al->hier.tcpServer != NULL) {
+ outint = al->hier.tcpServer->remote.GetPort();
+ doint = 1;
+ }
+ break;
- case LFT_LOCAL_IP:
+ case LFT_CLIENT_LOCAL_IP_OLD_31:
+ case LFT_CLIENT_LOCAL_IP:
if (al->tcpClient != NULL) {
out = al->tcpClient->local.NtoA(tmp,sizeof(tmp));
}
break;
- case LFT_LOCAL_PORT:
+ case LFT_CLIENT_LOCAL_PORT_OLD_31:
+ case LFT_CLIENT_LOCAL_PORT:
if (al->tcpClient != NULL) {
outint = al->tcpClient->local.GetPort();
doint = 1;
}
break;
- // the fmt->type can not be LFT_PEER_LOCAL_IP_OLD_27
- // but compiler complains if ommited
- case LFT_PEER_LOCAL_IP_OLD_27:
- case LFT_PEER_LOCAL_IP:
+ case LFT_SERVER_LOCAL_IP_OLD_27:
+ case LFT_SERVER_LOCAL_IP:
if (al->hier.tcpServer != NULL) {
out = al->hier.tcpServer->local.NtoA(tmp,sizeof(tmp));
}
break;
- case LFT_PEER_LOCAL_PORT:
+ case LFT_SERVER_LOCAL_PORT:
if (al->hier.tcpServer != NULL) {
outint = al->hier.tcpServer->local.GetPort();
doint = 1;
{">a", LFT_CLIENT_IP_ADDRESS},
{">p", LFT_CLIENT_PORT},
{">A", LFT_CLIENT_FQDN},
-#if USE_SQUID_EUI
{">eui", LFT_CLIENT_EUI},
-#endif
- /*{ "<a", LFT_SERVER_IP_ADDRESS }, */
- /*{ "<p", LFT_SERVER_PORT }, */
- {"<A", LFT_SERVER_IP_OR_PEER_NAME},
+ {"<a", LFT_SERVER_IP_ADDRESS},
+ {"<p", LFT_SERVER_PORT},
+ {"<A", LFT_SERVER_FQDN_OR_PEER_NAME},
- {"la", LFT_LOCAL_IP},
- {"lp", LFT_LOCAL_PORT},
+ {">la", LFT_CLIENT_LOCAL_IP},
+ {"la", LFT_CLIENT_LOCAL_IP_OLD_31},
+ {">lp", LFT_CLIENT_LOCAL_PORT},
+ {"lp", LFT_CLIENT_LOCAL_PORT_OLD_31},
/*{ "lA", LFT_LOCAL_NAME }, */
- {"<la", LFT_PEER_LOCAL_IP},
- {"oa", LFT_PEER_LOCAL_IP_OLD_27},
- {"<lp", LFT_PEER_LOCAL_PORT},
+ {"<la", LFT_SERVER_LOCAL_IP},
+ {"oa", LFT_SERVER_LOCAL_IP_OLD_27},
+ {"<lp", LFT_SERVER_LOCAL_PORT},
/* {"ot", LFT_PEER_OUTGOING_TOS}, */
{"ts", LFT_TIME_SECONDS_SINCE_EPOCH},
if (!divisor)
divisor = 0;
}
-
break;
case LFT_HTTP_SENT_STATUS_CODE_OLD_30:
type = LFT_HTTP_SENT_STATUS_CODE;
break;
- case LFT_PEER_LOCAL_IP_OLD_27:
+ case LFT_CLIENT_LOCAL_IP_OLD_31:
+ debugs(46, 0, "WARNING: The \"la\" formatting code is deprecated. Use the \">la\" instead.");
+ type = LFT_CLIENT_LOCAL_IP;
+ break;
+
+ case LFT_CLIENT_LOCAL_PORT_OLD_31:
+ debugs(46, 0, "WARNING: The \"lp\" formatting code is deprecated. Use the \">lp\" instead.");
+ type = LFT_CLIENT_LOCAL_PORT;
+ break;
+
+ case LFT_SERVER_LOCAL_IP_OLD_27:
debugs(46, 0, "WARNING: The \"oa\" formatting code is deprecated. Use the \"<la\" instead.");
- type = LFT_PEER_LOCAL_IP;
+ type = LFT_SERVER_LOCAL_IP;
break;
case LFT_REQUEST_URLPATH_OLD_31:
type = LFT_REQUEST_VERSION;
break;
+#if !USE_SQUID_EUI
+ case LFT_CLIENT_EUI:
+ debugs(46, 0, "WARNING: The \">eui\" formatting code requires EUI features which are disabled in this Squid.");
+ break;
+#endif
+
default:
break;
}
LFT_CLIENT_IP_ADDRESS,
LFT_CLIENT_FQDN,
LFT_CLIENT_PORT,
-#if USE_SQUID_EUI
LFT_CLIENT_EUI,
-#endif
- /*LFT_SERVER_IP_ADDRESS, */
- LFT_SERVER_IP_OR_PEER_NAME,
- /*LFT_SERVER_PORT, */
+ LFT_SERVER_IP_ADDRESS,
+ LFT_SERVER_FQDN_OR_PEER_NAME,
+ LFT_SERVER_PORT,
- LFT_LOCAL_IP,
- LFT_LOCAL_PORT,
+ LFT_CLIENT_LOCAL_IP,
+ LFT_CLIENT_LOCAL_IP_OLD_31,
+ LFT_CLIENT_LOCAL_PORT,
+ LFT_CLIENT_LOCAL_PORT_OLD_31,
/*LFT_LOCAL_NAME, */
- LFT_PEER_LOCAL_IP,
- LFT_PEER_LOCAL_IP_OLD_27,
- LFT_PEER_LOCAL_PORT,
+
+ LFT_SERVER_LOCAL_IP,
+ LFT_SERVER_LOCAL_IP_OLD_27,
+ LFT_SERVER_LOCAL_PORT,
LFT_TIME_SECONDS_SINCE_EPOCH,
LFT_TIME_SUBSECOND,
void
FwdState::startConnectionOrFail()
{
- debugs(17, 3, HERE << entry->url() );
+ debugs(17, 3, HERE << entry->url());
if (serverDestinations.size() > 0) {
+ // Ditch error page if it was created before.
+ // A new one will be created if there's another problem
+ if (err) {
+ errorStateFree(err);
+ err = NULL;
+ }
+
+ // Update the logging information about this new server connection.
+ // Done here before anything else so the errors get logged for
+ // this server link regardless of what happens when connecting to it.
+ // IF sucessfuly connected this top destination will become the serverConnection().
+ request->hier.note(serverDestinations[0], request->GetHost());
+
connectStart();
} else {
- debugs(17, 3, HERE << entry->url() );
- ErrorState *anErr = errorCon(ERR_CANNOT_FORWARD, HTTP_SERVICE_UNAVAILABLE, request);
- anErr->xerrno = errno;
+ debugs(17, 3, HERE << entry->url());
+ ErrorState *anErr = NULL;
+ if (err) {
+ anErr = errorCon(ERR_CANNOT_FORWARD, HTTP_INTERNAL_SERVER_ERROR, request);
+ anErr->xerrno = errno;
+ } // else use actual error from last connection attempt
fail(anErr);
self = NULL; // refcounted
}
logReplyStatus(n_tries, entry->getReply()->sline.status);
if (reforward()) {
- assert(serverDestinations.size() > 0);
debugs(17, 3, HERE << "re-forwarding " << entry->getReply()->sline.status << " " << entry->url());
if (Comm::IsConnOpen(serverConn))
entry->reset();
- /* the call to reforward() has already dropped the last path off the
- * selection list. all we have now are the next path(s) to be tried.
- */
- connectStart();
+ // drop the last path off the selection list. try the next one.
+ serverDestinations.shift();
+ startConnectionOrFail();
+
} else {
if (Comm::IsConnOpen(serverConn))
debugs(17, 3, HERE << "server FD " << serverConnection()->fd << " not re-forwarding status " << entry->getReply()->sline.status);
{
if (checkRetry()) {
debugs(17, 3, HERE << "re-forwarding (" << n_tries << " tries, " << (squid_curtime - start_t) << " secs)");
-
serverDestinations.shift(); // last one failed. try another.
-
- if (serverDestinations.size() > 0) {
- /* Ditch error page if it was created before.
- * A new one will be created if there's another problem */
- if (err) {
- errorStateFree(err);
- err = NULL;
- }
-
- connectStart();
- return;
- }
- // else bail. no more serverDestinations possible to try.
-
- // produce cannot-forward error, but only if no more specific one exists
- if (!err) {
- ErrorState *anErr = errorCon(ERR_CANNOT_FORWARD, HTTP_INTERNAL_SERVER_ERROR, request);
- errorAppendEntry(entry, anErr);
- }
+ startConnectionOrFail();
+ return;
}
// TODO: should we call completed() here and move doneWithRetries there?
if (serverConnection()->getPeer())
peerConnectSucceded(serverConnection()->getPeer());
- updateHierarchyInfo();
-
#if USE_SSL
if ((serverConnection()->getPeer() && serverConnection()->getPeer()->use_ssl) ||
(!serverConnection()->getPeer() && request->protocol == AnyP::PROTO_HTTPS)) {
assert(serverDestinations[0] != NULL);
assert(fd == serverDestinations[0]->fd);
- if (Config.onoff.log_ip_on_direct && serverDestinations[0]->peerType == HIER_DIRECT)
- updateHierarchyInfo();
-
if (entry->isEmpty()) {
ErrorState *anErr = errorCon(ERR_CONNECT_FAIL, HTTP_GATEWAY_TIMEOUT, request);
anErr->xerrno = ETIMEDOUT;
request->flags.pinned = 1;
if (pinned_connection->pinnedAuth())
request->flags.auth = 1;
- updateHierarchyInfo();
dispatch();
return;
}
if (!serverConnection()->getPeer())
origin_tries++;
- updateHierarchyInfo();
comm_add_close_handler(serverConnection()->fd, fwdServerClosedWrapper, this);
/* Update server side TOS and Netfilter mark on the connection. */
if (request->bodyNibbled())
return 0;
- serverDestinations.shift();
-
- if (serverDestinations.size() == 0) {
+ if (serverDestinations.size() <= 1) {
+ // NP: <= 1 since total count includes the recently failed one.
debugs(17, 3, HERE << "No alternative forwarding paths left");
return 0;
}
FwdReplyCodes[tries][status]++;
}
-/** From Comment #5 by Henrik Nordstrom made at
-http://www.squid-cache.org/bugs/show_bug.cgi?id=2391 on 2008-09-19
-
-updateHierarchyInfo should be called each time a new path has been
-selected or when more information about the path is available (i.e. the
-server IP), and when it's called it needs to be given reasonable
-arguments describing the now selected path..
-
-It does not matter from a functional perspective if it gets called a few
-times more than what is really needed, but calling it too often may
-obviously hurt performance.
-*/
-// updates HierarchyLogEntry, guessing nextHop and its format
-void
-FwdState::updateHierarchyInfo()
-{
- assert(request);
- assert(serverDestinations.size() > 0);
-
- request->hier.note(serverConnection(), request->GetHost());
-}
-
-
/**** PRIVATE NON-MEMBER FUNCTIONS ********************************************/
/*
static void initModule();
static void fwdStart(const Comm::ConnectionPointer &client, StoreEntry *, HttpRequest *);
+
+ /// This is the real beginning of server connection. Call it whenever
+ /// the forwarding server destination has changed and a new one needs to be opened.
+ /// Produces the cannot-forward error on fail if no better error exists.
void startConnectionOrFail();
+
void fail(ErrorState *err);
void unregister(Comm::ConnectionPointer &conn);
void unregister(int fd);
void start(Pointer aSelf);
static void logReplyStatus(int tries, http_status status);
- void updateHierarchyInfo();
void doneWithRetries();
void completed();
void retryOrBail();
void
Log::Format::SquidNative(AccessLogEntry * al, Logfile * logfile)
{
- const char *user = NULL;
- char clientip[MAX_IPSTRLEN];
+ char hierHost[MAX_IPSTRLEN];
- user = ::Format::QuoteUrlEncodeUsername(al->cache.authuser);
+ const char *user = ::Format::QuoteUrlEncodeUsername(al->cache.authuser);
if (!user)
user = ::Format::QuoteUrlEncodeUsername(al->cache.extuser);
if (user && !*user)
safe_free(user);
+ char clientip[MAX_IPSTRLEN];
+ if (al->tcpClient != NULL)
+ al->tcpClient->remote.NtoA(clientip, sizeof(clientip));
+ else
+ al->cache.caddr.NtoA(clientip, sizeof(clientip));
+
logfilePrintf(logfile, "%9ld.%03d %6d %s %s%s/%03d %"PRId64" %s %s %s %s%s/%s %s%s",
(long int) current_time.tv_sec,
(int) current_time.tv_usec / 1000,
al->cache.msec,
- al->cache.caddr.NtoA(clientip, MAX_IPSTRLEN),
+ clientip,
::Format::log_tags[al->cache.code],
al->http.statusSfx(),
al->http.code,
user ? user : dash_str,
al->hier.ping.timedout ? "TIMEOUT_" : "",
hier_code_str[al->hier.code],
- al->hier.host,
+ al->hier.tcpServer != NULL ? al->hier.tcpServer->remote.NtoA(hierHost, sizeof(hierHost)) : "-",
al->http.content_type,
(Config.onoff.log_mime_hdrs?"":"\n"));
// went to peer, log peer host name
xstrncpy(host, tcpServer->getPeer()->name, sizeof(host));
} else {
- // went DIRECT, must honor log_ip_on_direct
- if (!Config.onoff.log_ip_on_direct)
- xstrncpy(host, requestedHost, sizeof(host));
- else
- tcpServer->remote.NtoA(host, 256);
+ xstrncpy(host, requestedHost, sizeof(host));
}
}
}
int digest_generation;
#endif
- int log_ip_on_direct;
int ie_refresh;
int vary_ignore_expire;
int pipeline_prefetch;
projects / thirdparty / squid.git / commitdiff
