------------------------------------------------------------ revno: 12672 revision-id: squid3@treenet.co.nz-20140220012716-wflk5chioja0f4xb parent: squid3@treenet.co.nz-20140220012041-hvcglecl6zpgyhdz fixes bug(s): http://bugs.squid-cache.org/show_bug.cgi?id=3769 committer: Amos Jeffries branch nick: 3.3 timestamp: Wed 2014-02-19 18:27:16 -0700 message: Regression Bug 3769: client_netmask not evaluated since Comm redesign ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: squid3@treenet.co.nz-20140220012716-wflk5chioja0f4xb # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.3 # testament_sha1: 843644071706e783956d61e079c5a9e0a418685d # timestamp: 2014-02-20 01:54:20 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.3 # base_revision_id: squid3@treenet.co.nz-20140220012041-\ # hvcglecl6zpgyhdz # # Begin patch === modified file 'src/AccessLogEntry.cc' --- src/AccessLogEntry.cc 2013-05-07 08:48:36 +0000 +++ src/AccessLogEntry.cc 2014-02-20 01:27:16 +0000 @@ -15,17 +15,30 @@ void AccessLogEntry::getLogClientIp(char *buf, size_t bufsz) const { + Ip::Address log_ip; + #if FOLLOW_X_FORWARDED_FOR if (Config.onoff.log_uses_indirect_client && request) - request->indirect_client_addr.NtoA(buf, bufsz); + log_ip = request->indirect_client_addr; else #endif if (tcpClient != NULL) - tcpClient->remote.NtoA(buf, bufsz); - else if (cache.caddr.IsNoAddr()) // e.g., ICAP OPTIONS lack client + log_ip = tcpClient->remote; + else if (cache.caddr.IsNoAddr()) { // e.g., ICAP OPTIONS lack client strncpy(buf, "-", bufsz); - else - cache.caddr.NtoA(buf, bufsz); + return; + } else + log_ip = cache.caddr; + + // Apply so-called 'privacy masking' to IPv4 clients + // - localhost IP is always shown in full + // - IPv4 clients masked with client_netmask + // - IPv6 clients use 'privacy addressing' instead. + + if (!log_ip.IsLocalhost() && log_ip.IsIPv4()) + log_ip.ApplyMask(Config.Addrs.client_netmask); + + log_ip.NtoA(buf, bufsz); } AccessLogEntry::~AccessLogEntry()