I've noticed something odd. Let me explain the background:
- I have forced some local domains to go direct via always_direct
- I also have 2 parents (and 1 sibling). The parents are used for international
traffic.
- These local domains can't be accessed from the outside due to a router filter
When a user configures his browser to use the proxy for all queries (so
also the local ones) and the local server gives an access-denied
Squid-2.2STABLE1 retries these via the first parent.
This is clearly not the intention. They will fail again (after a long time)
because the router filter blocks the parent from accessing these local
servers. As a result the error produced is a "I can access the server" from
the parent and no the "access-denied" I want.
Is this intended? Can this behavior be configured? If not where in the
source is this decision made (so I can create a patch)
I know the users should not access local servers via the proxy. In fact our
proxy-autoconfig makes sure they don't but some users are stubborn and do
it anyway.
Thanks for your help, Marc
---------------------------------------------------------------------
Marc van Selm
NATO C3 Agency
Communication Systems Division, A-Branch
Tel: +31 70 3142454
E-mail: marc.van.selm@nc3a.nato.int
---------------------------------------------------------------------
Private: selm@cistron.nl, selm@het.net, http://www.cistron.nl/~selm
Received on Tue Apr 20 1999 - 01:11:31 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:45:52 MST