Re: DNS lookup on every request?

From: Marc van Selm <>
Date: Wed, 21 Apr 1999 10:13:45 +0200

At 03:36 PM 4/20/99 -0400, Snyder, Bob wrote:


>OK, I'm still having problems. I also upgraded to Squid 2.2.STABLE1. Here's
>the relavent sections of my config file, with names changed to protect the
>less innocent:
>cache_peer parent 8080 7 no-query no-digest no-netdb-exchange
>acl internal src
>http_access allow manager localhost
>http_access deny manager
>http_access deny !Safe_ports
>http_access allow internal
>http_access deny all
>acl dstdom_regex -i [^:]*://[^:/]*example\.com[:/].*

This doesn't seem right to me. dstdom_regex works for the domain and not the
whole URL.

You might want to use:
acl ulr_regex -i [^:]*://[^:/]*example\.com[:/].*

acl dstdom_regex \.example\.com$

>cache_peer_access allow
>cache_peer_access deny all
>never_direct allow
>never_direct deny all
>The system is dual-homed, one interface on, the other on the
>Internet side. is a internal (non-Squid) proxy that can speak to
>internal runs a split-DNS, where internal systems
>are not visible to external DNS. Squid is pointed at external DNS.
>In access.log, I get:
>924636501.872 48 TCP_MISS/503 1141 GET
> - DIRECT/ -
>And the error page tells me "Host not found."
>I've also tried acl dstdomain, and that fails the
>same way. Will a dstdomain match any subordinate domain?

Marc van Selm
NATO C3 Agency
Communication Systems Division, A-Branch
Tel: +31 70 3142454
Received on Wed Apr 21 1999 - 02:24:11 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:45:53 MST