Hello,
I have a situation where a tunnel provides access to a web proxy on the
company intranet. I would like squid on my local network to provide
transparent access to my company's intranet servers. Here is a diagram
to hopefully make things clearer:
local network <===tunnel===> company intranet
with squid with web proxy
I've been trying to use cache_peer_access to cause squid to direct
intranet requests to the intranet proxy *without* attempting a DNS
lookup. Here is the (doctored) snippet from squid.conf:
cache_peer intranet-proxy.company.com parent 8080 0 no-digest no-query
acl intranet dstdomain .company.com
acl intranet dstdomain .internal-domain.net
cache_peer_access intranet-proxy.company.com allow intranet
cache_peer_access intranet-proxy.company.com deny all
never_direct allow intranet
Using the snippet above, I find that squid doesn't recognize requests
for the intranet. It attempts (and fails) the DNS lookup instead. Here
is an example from access.log and store.log:
1035323417.302 2 10.0.0.6 TCP_MISS/503 1222 GET http://www.internal-domain.net/index.html - NONE/- -
1035323417.302 RELEASE -1 FFFFFFFF D3CA4CCE643E2AF4770B23E76EC0348F 503 -1 -1 -1 unknown -1/1130 GET http://www.internal-domain.net/index.html
If anybody can provide advice or suggestions on why I can't get this to
work, I'd love to hear from you!
Thanks,
Aron
Received on Tue Oct 22 2002 - 16:34:12 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:46 MST