我已经在 Raspbian Wheezy OS 上配置了 squid3,这是配置文件(squid.conf):
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 192.168.0.0/24 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 81 # port added for testing
acl allowedSites1 dstdomain khooloo.cloudapp.net ## Newly Added
acl allowedSites2 dstdomain moovah.co.za
acl allowedSites3 dstdomain moovahapp.net
acl allowedSites4 dstdomain moovahapp.com
acl allowedSites5 dstdomain 168.63.241.212 ## Newly Added
acl allowedSites6 dstdomain 192.168.0.11 ## Newly Added
acl allowedSites7 dstdomain http://docs.google.com
acl BlockedHost src "/etc/squid3/blockedip"
#acl WhiteList src "/etc/squid3/whitelist"
http_access deny BlockedHost
#http_access allow WhiteList
acl CONNECT method CONNECT
http_access allow manager localhost
http_access allow localnet
http_access deny manager
http_access deny !Safe_ports
http_access deny to_localhost
icp_access deny all
#http_access deny all
http_port 3128 intercept
http_port 80 vhost
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid3/access.log squid
#Suggested default:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid3
# block all other access
http_access allow allowedSites1
http_access allow allowedSites2
http_access allow allowedSites3
http_access allow allowedSites4
http_access allow allowedSites5
http_access allow allowedSites6
http_access allow allowedSites7
http_access deny all
我可以监控 http 日志。
有人能帮我监控 https 日志吗?
谢谢
答案1
我认为您可能需要考虑这里的一些工具:http://www.squid-cache.org/Misc/log-analysis.html