Re: ACLs - a seriously weird thing

From: <rstagg@dont-contact.us>
Date: Thu, 18 Feb 1999 14:06:31 +0000

Hello,

Just to avoid red herrings here - I have DNSServers set to 3, and always
have done. I never set it to 0, so that's not going to be contributing to
the situation.

I agree entirely about ACL syntax. Definitely worth a second look.

Rgds

Richard Stagg

jlarmour@cygnus.co.uk on 18/02/99 13:53:42

To: Richard Stagg/TMU/CSC
cc: squid-users@ircache.net
Subject: Re: ACLs - a seriously weird thing

rstagg@csc.com wrote:
>
> * The ACL syntax may have been questionable (I have had netmasks
suggested
> to me already) but it certainly worked.
Well, its certainly making sure you have the right syntax otherwise you
will
get undefined behaviour, which might work now, and might not in future.
> * I don't use DNSServers - all traffic (except SSL) is pointed to an
> upstream parent on a DMZ.
Aha!!! I bet you've set dns_children to 0. I strongly suggest you increase
it back up to 5 or so - read the comment in squid.conf for why.
dnsservers are slightly misunderstood in general - their sole purpose is to
stop squid blocking. If the thing is that you don't want squid to _cache_
DNS lookups, look at the positive_dns_ttl and negative_dns_ttl lines in
squid.conf, rather than changing the number of dnsservers.
Jifl

--
Cygnus Solutions, 35 Cambridge Place, Cambridge, UK.  Tel: +44 (1223)
728762
"Women marry hoping their husbands will change, men||Home e-mail: jifl @
marry hoping their wives never do. Both are rare." ||
jifvik.demon.co.uk
Help fight spam! http://spam.abuse.net/  These opinions are all my own
fault
Received on Thu Feb 18 1999 - 07:36:53 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:36 MST