Does Squid (v2.4S4, on a Linux box) attempt to resolve the addresses of
blocked URLs?
I've got these lines in my squid.conf:
acl gatorcom dstdomain .gator.com
http_access deny gatorcom
To judge by access.log, the denial is working:
1014325396.294 1 192.168.0.3 TCP_DENIED/403 1052 POST
http://regserver.gator.com/cmd/client_user_info - NONE/- -
1014325996.304 1 192.168.0.3 TCP_DENIED/403 1052 POST
http://regserver.gator.com/cmd/client_user_info - NONE/- -
1014326596.325 1 192.168.0.3 TCP_DENIED/403 1052 POST
http://regserver.gator.com/cmd/client_user_info - NONE/- -
1014327196.350 1 192.168.0.3 TCP_DENIED/403 1052 POST
http://regserver.gator.com/cmd/client_user_info - NONE/- -
1014327796.371 1 192.168.0.3 TCP_DENIED/403 1052 POST
http://regserver.gator.com/cmd/client_user_info - NONE/- -
1014328396.386 1 192.168.0.3 TCP_DENIED/403 1052 POST
http://regserver.gator.com/cmd/client_user_info - NONE/- -
Yet my nameserver logs contain notifications that "regserver.gator.com" is
misconfigured. Huh? How would it know anything about this server unless
Squid tried to resolve the URL given to it?
If in fact Squid is resolving blocked domains, that's really an unneeded
use of system resources. Why do we care about the address if the HTTP
request is going to be denied?
So, is squid attempting to resolve blocked domains, or not?
Thanks.
Received on Thu Feb 21 2002 - 18:15:02 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:30 MST