[plug] Squid access.log
Adam Davin
bladebadger at westnet.com.au
Sun Mar 23 22:47:33 WST 2003
Good evening All,
I recently installed qmail and have noticed these deny messages in the squid access.log file. To me they look like someone is trying to redirect through my http server to someone elses mail server, however squid is denying the request (and rightfully so if it is what I think).
Out of 14306 lines in my current access.log, 7602 are from these TCP_DENIED lines. Can anyone confirm or deny my thoughts.
Just to be clear, I am running squid as a transparent proxy to both internal (going out) and external (coming in) http requests.
Thanks in Advance
Adam Davin.
<-- Start of squid access.log snippit #cat /var/log/squid/access.log | grep tcp_denied | grep :25 -- >
1048372102.319 11 66.118.181.16 TCP_DENIED/403 1017 CONNECT 64.12.138.57:25
- NONE/- -
1048372104.632 15 69.0.254.52 TCP_DENIED/403 1017 CONNECT 64.12.136.89:25 -
NONE/- -
1048372106.477 11 66.118.181.17 TCP_DENIED/403 1019 CONNECT 64.12.138.120:25
- NONE/- -
1048372115.840 13 69.0.254.35 TCP_DENIED/403 1017 CONNECT 64.12.138.89:25 -
NONE/- -
1048372126.141 14 66.234.10.57 TCP_DENIED/403 1017 CONNECT 64.12.138.89:25 -
:
<--End of Snippit-->
More information about the plug
mailing list