From: Christos Tsantilas Date: Fri, 9 Sep 2011 20:41:40 +0000 (+0300) Subject: %la for intercepted connections X-Git-Tag: take08~4^2~6 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=284175067442617f6d20f4cddceca4d7c16891ff;p=thirdparty%2Fsquid.git %la for intercepted connections This patch adjusts the %la logformat code handling for intercepted connections based on the following rules: - If the corresponding http_port or https_port option has an explicit listening host name or IP address, then log the IP address. - Otherwise, log a dash character. Also adjusts %lp logformat code handling for intercepted connections to always log the port number from the corresponding http_port or https_port option. Amos comments about %la formatting code: For the record these are the permutations we seek to cover... Scenario 1: client 192.168.0.3 connects to google (74.125.237.81). Gets intercepted into Squid. 1a) squid.conf: http_port 3129 intercept|tproxy tcpClient->remote == 192.168.0.3:$random (%>a:%>p) tcpClient->local == 74.125.237.81:80 (%>la:%>lp) al->cache.port->s.local == 0.0.0.0:3129 (%la:%lp) [log "-"] 1b) squid.conf: http_port 192.168.0.1:3129 intercept|tproxy tcpClient->remote == 192.168.0.3:$random (%>a:%>p) tcpClient->local == 74.125.237.81:80 (%>la:%>lp) al->cache.port->s.local == 192.168.0.1:3129 (%la:%lp) [log 192...] Scenario 2: client 192.168.0.3 connects to Squid asking for http://google.com 2a) squid.conf: http_port 3128 [accel] tcpClient->remote == 192.168.0.3:$random (%>a:%>p) tcpClient->local == 192.168.0.1:3128 (%>la:%>lp) al->cache.port->s.local == 0.0.0.0:3128 (%la:%lp) [log 192...] 2b) squid.conf: http_port 192.168.0.1:3128 [accel] tcpClient->remote == 192.168.0.3:$random (%>a:%>p) tcpClient->local == 192.168.0.1:3128 (%>la:%>lp) al->cache.port->s.local == 192.168.0.1:3128 (%la:%lp) [log 192...] Scenario 3: squid generates an internal request. tcpClient == NULL (%>a:%>p,%>la:%>lp) [log "-"] al->cache.port == NULL (%la:%lp) [log "-"] ---
diff --git a/src/AccessLogEntry.h b/src/AccessLogEntry.h index e4c29fa0fd..5c2d80616d 100644 --- a/src/AccessLogEntry.h +++ b/src/AccessLogEntry.h @@ -39,6 +39,7 @@ #if ICAP_CLIENT #include "adaptation/icap/Elements.h" #endif +#include "ProtoPort.h" /* forward decls */ class HttpReply; @@ -148,6 +149,7 @@ public: const char *ssluser; #endif + http_port_list *port; } cache; diff --git a/src/cf.data.pre b/src/cf.data.pre index 0017664fa5..e9ac298bc5 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -2901,6 +2901,9 @@ DOC_START >la Local IP address the client connected to >lp Local port number the client connected to + la Local listening IP address the client connection was connected to. + lp Local listening port number the client connection was connected to. + log_addr; + if (getConn() != NULL) { + al.cache.caddr = getConn()->log_addr; + al.cache.port = cbdataReference(getConn()->port); + } al.cache.requestSize = req_sz; al.cache.requestHeadersSize = req_sz; diff --git a/src/format/Format.cc b/src/format/Format.cc index 18ab080072..1f5b2676c0 100644 --- a/src/format/Format.cc +++ b/src/format/Format.cc 
@@ -367,14 +367,32 @@ Format::Format::assemble(MemBuf &mb, AccessLogEntry *al, int logSequenceNumber) } break; - case LFT_CLIENT_LOCAL_IP_OLD_31: + case LFT_LOCAL_LISTENING_IP: { + // avoid logging a dash if we have reliable info + const bool interceptedAtKnownPort = (al->request->flags.spoof_client_ip || + al->request->flags.intercepted) && al->cache.port; + if (interceptedAtKnownPort) { + const bool portAddressConfigured = !al->cache.port->s.IsAnyAddr(); + if (portAddressConfigured) + out = al->cache.port->s.NtoA(tmp, sizeof(tmp)); + } else if (al->tcpClient != NULL) + out = al->tcpClient->local.NtoA(tmp, sizeof(tmp)); + } + break; + case LFT_CLIENT_LOCAL_IP: if (al->tcpClient != NULL) { out = al->tcpClient->local.NtoA(tmp,sizeof(tmp)); } break; - case LFT_CLIENT_LOCAL_PORT_OLD_31: + case LFT_LOCAL_LISTENING_PORT: + if (al->cache.port) { + outint = al->cache.port->s.GetPort(); + doint = 1; + } + break; + case LFT_CLIENT_LOCAL_PORT: if (al->tcpClient != NULL) { outint = al->tcpClient->local.GetPort(); diff --git a/src/format/Tokens.cc b/src/format/Tokens.cc index 2a87214a16..0a4f1b0aeb 100644 --- a/src/format/Tokens.cc +++ b/src/format/Tokens.cc @@ -62,9 +62,9 @@ static struct TokenTableEntry TokenTable1C[] = { static struct TokenTableEntry TokenTable2C[] = { {">la", LFT_CLIENT_LOCAL_IP}, - {"la", LFT_CLIENT_LOCAL_IP_OLD_31}, + {"la", LFT_LOCAL_LISTENING_IP}, {">lp", LFT_CLIENT_LOCAL_PORT}, - {"lp", LFT_CLIENT_LOCAL_PORT_OLD_31}, + {"lp", LFT_LOCAL_LISTENING_PORT}, /*{ "lA", LFT_LOCAL_NAME }, */ {"la\" instead."); - type = LFT_CLIENT_LOCAL_IP; - break; - - case LFT_CLIENT_LOCAL_PORT_OLD_31: - debugs(46, 0, "WARNING: The \"lp\" formatting code is deprecated. Use the \">lp\" instead."); - type = LFT_CLIENT_LOCAL_PORT; - break; - case LFT_SERVER_LOCAL_IP_OLD_27: debugs(46, 0, "WARNING: The \"oa\" formatting code is deprecated. Use the \"icap.reply); HTTPMSGUNLOCK(aLogEntry->icap.request); #endif + cbdataReferenceDone(aLogEntry->cache.port); } int
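Review bot: In the new `LFT_LOCAL_LISTENING_IP` case, `al->request->flags` is read without first checking `al->request`, while the neighbouring cases test `al->tcpClient` and `al->cache.port` before using them. If an access-log entry can reach `Format::assemble` without a parsed request (the callers are outside this hunk, so this is inferred), a logformat containing `%la` would dereference a null pointer in the logging path and bring the proxy process down. Guarding the expression keeps the existing fallback to `al->tcpClient->local` or a dash: `const bool interceptedAtKnownPort = al->request && (al->request->flags.spoof_client_ip || al->request->flags.intercepted) && al->cache.port;`. The enclosing `switch` starts and ends outside the hunk.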
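Review bot: `cbdataReferenceDone(aLogEntry->cache.port)` in the last hunk runs whenever an entry's memory is freed, but `port` is assigned only in the request-logging hunk when `getConn() != NULL`, and the `AccessLogEntry.h` hunks add the member without showing an initializer. Unless the `cache` constructor (outside the visible hunks) already sets it, entries logged without a client connection would pass an indeterminate pointer to cbdata here and to the `if (al->cache.port)` tests in `Format.cc`. Adding `port(NULL)` to that constructor's initializer list would make both uses well defined. This hunk's header was lost in extraction, so the enclosing function is not visible.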