Francis Turner wrote:
> That explains a lot. Note that the FAQ
> (http://www.squid-cache.org/Doc/FAQ/FAQ-4.html#ss4.8) is somewhat
> misleading then since it appears to recommend using the never_direct
> line I tried to use.
Thanks for notifying us on the FAQ error. It now reads like this:
You can use the never_direct access list in squid.conf to specify
which requests must be forwarded to your parent cache outside the
firewall, and the always_direct access list to specify which requests
must not be forwarded. For example, if Squid must connect directly to
all servers that end with mydomain.com, but must use the parent for
all others, you would write:
acl INSIDE dstdomain .mydomain.com
always_direct allow INSIDE
never_direct allow all
You could also specify internal servers by IP address
acl INSIDE_IP dst 1.2.3.4/24
always_direct allow INSIDE
never_direct allow all
Note, however that when you use IP addresses, Squid must perform a DNS
lookup to convert URL hostnames to an address. Your internal DNS
servers may not be able to lookup external domains.
[the web copy will be updated within 24 hours]
Regards
Henrik
Received on Thu Jun 13 2002 - 10:35:13 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:40 MST