Masataka_Tanaka wrote:
> 1 .dom1.tanaka.co.jp --> proxyB
> 2 xxx.yyy.zzz.0/25 --> proxyB
> 3 other of above in xxx.0.0.0/25 --> direct
> 4 internet (external) --> proxyA
>
> Please give me any advise you think, even just your idea.
------- example squid.conf: ----------------
# define "all" to match everyone. Squid uses this in various
# built in default settings, so it should always be defined.
acl all src 0.0.0.0/0
# Access control limiting which users are allowed to use
# this proxy
acl my_users src xxx.yyy.zzz.0-xxx.yyy.zzz.255/25
http_access allow my_users
# Set up parent proxies without ICP.
# change port 3128 to whatever your proxies run on.
cache_peer proxyA.tanaka.co.jp parent 3128 0 no-query
cache_peer proxyB.tanaka.co.jp parent 3128 0 no-query
# Route request to the proper proxy
acl to_dom1 dstdomain .dom1.tanaka.co.jp
acl to_net5 dst xxx.yyy.zzz.0-xxx.yyy.zzz.255/25
acl to_local_net dst xxx.0.0.0/255.0.0.0
cache_peer_access proxyA.tanaka.co.jp deny to_dom1
cache_peer_access proxyA.tanaka.co.jp deny to_net5
cache_peer_access proxyB.tanaka.co.jp allow to_dom1
cache_peer_access proxyB.tanaka.co.jp allow to_net5
# Direct to local net, except for net5
always_direct allow to_local_net !to_net5
# Never direct for all else.
never_direct allow all
# Cache directories (you have to fill this in)
cache_dir ...
-----------------------------------------------------
You can use the above squid.conf as it is. You do not need to keep the
distributed squid.conf template (it is always available in
squid.conf.default if you need to look something up).
-- Henrik Nordstrom Squid hackerReceived on Thu Nov 18 1999 - 14:53:31 MST
This archive was generated by hypermail pre-2.1.9 : Wed Apr 09 2008 - 11:57:32 MDT