SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free.
Logging
Primary tabs
varnishncsa Startup
With Varnish installed from source, daemontools is an easy way to run the logging daemon. If you haven't already, install daemontools.
Create a directory for the varnishncsa
service:
mkdir -m 1755 /var/service/varnishncsa
cd /var/service/varnishncsa
Create the run script and make it executable:
echo '#!/bin/sh' > run
echo 'exec 2>&1' >> run
echo 'exec varnishncsa' >> run
chmod 755 run
Our log script comes from John Simpson's:
mkdir -m 755 log
cd log
wget http://qmail.jms1.net/scripts/service-any-log-run
mv service-any-log-run run
chmod 755 run
In order to show the proper IP address from clients, you'll need to adjust the Varnish vcl file to set custom header with the client's IP:
sub vcl_recv {
# Add a unique header containing the client address
remove req.http.X-Forwarded-For;
set req.http.X-Forwarded-For = client.ip;
}
Then adjust your webserver's log format to use this header:
- Lighttpd (
/service/lighttpd/root/lighttpd.conf
:accesslog.format = "%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
- Apache (
/usr/local/apache2/etc/httpd.conf
):
LogFormat "%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" varnishcombined
and in your virtual host config:
CustomLog /path/to/access/log varnishcombined
Edit the varnishncsa line in /var/service/varnishncsa/run
to write to your website access log:
exec varnishncsa -a -w /var/websites/www.example.com/logs/access.log
For VirtualHosts:
exec varnishncsa -m "RxHeader:^Host: example.com$" -a -w /var/websites/logs/example.com-access.log
Add the service to daemontools by creating the symbolic link in /service
ln -s /var/service/varnishncsa /service/varnishncsa
Confirm that the service is running:
svstat /service/varnishncsa /service/varnishncsa/log
Resources
log the user's IP, not the proxy's, in Lighttpd access log
Save the split log for every host
http://cainmanor.com/tech/setup-logging-for-varnish
http://constantshift.com/page/6/
- Log in to post comments