[8.951][BUG] Report Override

Hi matteo.lobbiani,

AFAICS you used the live log to check that.
Although the live logs show some general information, you nevertheless need to check the /var/log/http.log via SSH in order to see all available information. The  full log file provides something like this:

2012:05:21-10:08:13 skywalker httpproxy[3157]: id="0062" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden url detected" action="block" method="GET" srcip="***.***.****.****" dstip="" user="skywalker" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2840" request="0xfd18730" url="www.heise.de/" exceptions="" error=""

2012:05:21-10:08:13 skywalker httpproxy[3157]: id="0062" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden url detected" action="block" method="GET" srcip="***.***.***.***" dstip="" user="skywalker" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2873" request="0xfd18730" url="www.heise.de/favicon.ico" exceptions="" error=""

2012:05:21-10:08:45 skywalker httpproxy[3157]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="***.***.***.***" dstip="" user="" statuscode="404" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="2619" request="0xfd18cd0" url="passthrough.fw-notify.net/favicon.ico" exceptions="" error="File not found"

  

Cheers,
Cristof

Hi matteo.lobbiani,

AFAICS you used the live log to check that.
Although the live logs show some general information, you nevertheless need to check the /var/log/http.log via SSH in order to see all available information. The  full log file provides something like this:

2012:05:21-10:08:13 skywalker httpproxy[3157]: id="0062" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden url detected" action="block" method="GET" srcip="***.***.****.****" dstip="" user="skywalker" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2840" request="0xfd18730" url="www.heise.de/" exceptions="" error=""

2012:05:21-10:08:13 skywalker httpproxy[3157]: id="0062" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden url detected" action="block" method="GET" srcip="***.***.***.***" dstip="" user="skywalker" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2873" request="0xfd18730" url="www.heise.de/favicon.ico" exceptions="" error=""

2012:05:21-10:08:45 skywalker httpproxy[3157]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="***.***.***.***" dstip="" user="" statuscode="404" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="2619" request="0xfd18cd0" url="passthrough.fw-notify.net/favicon.ico" exceptions="" error="File not found"

  

Cheers,
Cristof

First case (category blocked):

2012:05:18-11:15:12 nextbitfw httpproxy[19940]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="GET" srcip="*.*.*.*" dstip="" user="lobbiani" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="3025" request="0x9d765a0" url="www.redtube.com/" exceptions="" error="" reason="category" category="149" reputation="unverified" categoryname="****ography"
2012:05:18-11:15:14 nextbitfw httpproxy[19940]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="*.*.*.*" dstip="" user="" statuscode="404" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="2606" request="0x104701b0" url="passthrough.fw-notify.net/favicon.ico" exceptions="" error="File not found"
2012:05:18-11:15:27 nextbitfw httpproxy[19940]: id="0063" severity="info" sys="SecureWeb" sub="http" name="Contentfilter override" url="www.redtube.com/" srcip="*.*.*.*" user="lobbiani" category="149" reason="test categoria"

Second Case (Url blocked):

2012:05:18-11:17:19 nextbitfw httpproxy[21083]: id="0062" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden url detected" action="block" method="GET" srcip="*.*.*.*" dstip="" user="lobbiani" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFA
ction (Default content filter action)" size="2887" request="0x8bcee18" url="www.redtube.com/" exceptions="" error=""
2012:05:18-11:17:23 nextbitfw httpproxy[21083]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="*.*.*.*" dstip="" user="" statuscode="404" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="2606" request="0xf6b1310" url="passthrough.fw-notify.net/favicon.ico" exceptions="" error="File not found"
2012:05:18-11:17:34 nextbitfw httpproxy[21083]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="*.*.*.*" dstip="209.222.138.10" user="lobbiani" statuscode="301" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x8bcee18" url="www.redtube.com/" exceptions="url" error=""