pfSense: Exclude an IP out of your Squid3 log

Leave a comment

Poor support from pfSense!

ref1: Squid “access_log” Documentation
ref2: Squid 3.0 Configuration Manual
ref3: My Q&A – from pfSense
ref4: First posting and fix at pfSense reported in April 2015

How to successfully exclude an IP out of your Squid log

If you ever get to read the ref1 as set out above, you will see that according to the official documentation it should be as easy as writing an ACL and excluding it (As it used to work in Squid version 2+), but, it seems that pfSense broke something and even though I reported on this in April 2015, no answer has been forthcoming, nor did the developers do anything about it.

This is just a poor show from pfSense.  The developers should read the topics and fixes as pointed out by their technical users.  This is one of the most basic problems they could have fixed, but nooooo, slag the users, bad-mouth other developers and basically do their own thing is to the order of the day!

The fix in pfSense

    • go to “Services/Proxy Server/Logging Settings”
    • un-select “Enable Logging”
    • goto “Services/Proxy Server/Custom ACLS (Before_Auth)”
    • add:

acl ACLNAME src 10.0.0.10-10.0.0.11/32
logfile_rotate 3650
debug_options rotate=3650
access_log /var/squid/log/access.log squid !ACLNAME

  • Save and restart squid.

That should fix the problem.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: