Access denied retried via parent??

From: Marc van Selm <>
Date: Tue, 20 Apr 1999 09:07:19 +0200

I've noticed something odd. Let me explain the background:

- I have forced some local domains to go direct via always_direct
- I also have 2 parents (and 1 sibling). The parents are used for international
- These local domains can't be accessed from the outside due to a router filter

When a user configures his browser to use the proxy for all queries (so
also the local ones) and the local server gives an access-denied
Squid-2.2STABLE1 retries these via the first parent.

This is clearly not the intention. They will fail again (after a long time)
because the router filter blocks the parent from accessing these local
servers. As a result the error produced is a "I can access the server" from
the parent and no the "access-denied" I want.

Is this intended? Can this behavior be configured? If not where in the
source is this decision made (so I can create a patch)

I know the users should not access local servers via the proxy. In fact our
proxy-autoconfig makes sure they don't but some users are stubborn and do
it anyway.

Thanks for your help, Marc
Marc van Selm
NATO C3 Agency
Communication Systems Division, A-Branch
Tel: +31 70 3142454
Received on Tue Apr 20 1999 - 01:11:31 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:45:52 MST