Applies to Platform: UTM 5.0
Last Update: 23 November 2020
This article shows how to configure HTTP Proxy in order to disable logs for certain domains.
Scenario: There are situations when certain resources are accessed, but activities involving them must not be logged. In this case it is necessary to make some configurations for HTTP Proxy using the CLI (CLI mode), to disable the logging functions for certain domains defined in a "no log list".
The "nano" editor in the CLI mode of the appliance will be used for configuration. So, if you need more information on how to use the "nano" editor, please read Editing Text Files With Nano.
Enabling the HTTP Proxy and logging
First of all, you need to make sure that HTTP Proxy and proxy logging are enabled. To check this, you need to access Proxy > HTTP > Configuration > Enable HTTP Proxy. Make sure that logging is enabled by accessing Log settings > HTTP proxy logging and ticking Enable logging.
Logs can be viewed. This should be "HTTP proxy logs".
Disabling logs for certain domains
To disable logs for a domain or a list of domains, several configurations must be made on the HTTP Proxy in the terminal (CLI mode).
Accessing the Endian Appliance in CLI mode can be done both in the physical or virtual administration console or by initiating an SSH connection to TCP port 22. More details on how to connect can be found in How to connect my Endian Security Gateway.
After connecting to SSH, you need to:
- Create a file called no_log.txt in /var/efw/proxy/
root@endian:~# nano /var/efw/proxy/no_log.txt
After you create it, just put your domains one per line then save and exit:
.exampledomain.local
.otherdomain.local - Create a file called access_log.custom.tmpl in /var/efw/proxy/
root@endian:~# nano /var/efw/proxy/access_log.custom.tmpl
After creating this file, copy and paste in it the following lines then save and exit:
acl no_log dstdomain /var/efw/proxy/no_log.txt
access_log none no_log - Restart SQUID (HTTP Proxy)
root@endian:~# jobcontrol restart squid --force
When accessing the domains defined in the no_log.txt,no log file will be produced.
Comments