Oh, yeah...You need to bypass based on destination IP. My Cisco syntax
is a bit lacking, but I think you just use the second IP field in your
deny rule, right?
Something like:
access-list 102 deny any 208.45.156.202
Maybe?
Chad Whitten wrote:
> on further review, that wouldnt do it because that is the ip of the
> site that
> is not supposed to be proxied and what i was thinking was dont redirect
> packets bound for that ip when the syntax is dont redirect packets
> originating from that ip which not the ip on my network. i suppose i
> could
> give the dial-up user a static ip and not redirect any of their
> traffic but
> there has got to be a better way.
>
> On Friday 08 November 2002 03:46 pm, you wrote:
>
> >Yep. Something like that ought to do it.
> >
> >Chad Whitten wrote:
> >
> >>guess i would need to setup an access list and then use the
> >>ip wccp web-cache redirect-list # for this?
> >>does this syntax look okay
> >>
> >>access-list 102 deny 208.45.156.202
> >>access-list 102 permit any any
> >>
> >>then in wccp config
> >>ip wccp web-cache redirect-list 102
> >>
> >>would that do it?
> >>
> >>On Friday 08 November 2002 03:14 pm, you wrote:
> >>
> >>>Are you sure the site is just "not supposed to be cached". Perhaps it
> >>>is not supposed to be proxied?
> >>>
> >>>Sounds kinda like an authentication scheme that cannot be proxied is
> >>>being used, and it sounds like you're expecting Squid not to proxy
> >>>requests when the no_cache directive is used. Squid can't not proxy a
> >>>request once it receives it--it can proxy it, or close the connection.
> >>>Whether it caches the request is orthogonal, and clearly not the source
> >>>of the problem here.
> >>>
> >>>Add this site to your WCCP bypass list in your router, or you can
> bypass
> >>>it in the cache if WCCP redirection happens on a different leg than the
> >>>Squid box lives on.
> >>>
> >>>Chad Whitten wrote:
> >>>
> >>>>i am having a problem with a site that is not supposed to be cached.
> >>>>i have
> >>>>the following in squid.conf
> >>>>
> >>>>acl AIMCO url_regex ^http://intranet.aimco.com/$
> >>>>no_cache deny AIMCO
> >>>>
> >>>>running squid version Squid Cache: Version 2.4.STABLE7
> >>>>on linux - kernel 2.4.19 in transparent mode with wccp version 1 on a
> >>>>cisco
> >>>>router.
> >>>>
> >>>>everything works fine for everyone else, just this site is not
> >>>>supposed to be
> >>>>cached because its an intranet/vpn site. before i addd the no_cache
> >>>>directive, the user would just be prompted for password over and over.
> >>>>now
> >>>>they get past that but get 'page cannot be displayed message from ie'.
> >>>>squid
> >>>>still seems to be logging a lot of traffic from that site - mostly
> >>>>TCP_MISS/401 logs.
> >>>>
> >>>>any suggestions?
>
>
-- Joe Cooper <joe@swelltech.com> Web caching appliances and support. http://www.swelltech.comReceived on Fri Nov 08 2002 - 15:10:16 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:15 MST