Re: Always direct for internal IP's??

From: Michael Vincent K. Pozon - CompE <vince@dont-contact.us>
Date: Mon, 17 Jul 2000 10:51:49 +0800 (PHT)

use :
 acl src 192.168.2.0/255.255.255.0

On Mon, 17 Jul 2000, Tony Melia wrote:

> How can I tell squid to always go direct for 192.168.2.* ?? I tried
> creating an ACL of this group, and specifying it as always_direct, but squid
> complains about my ACL format. Can anybody email me a working exclusion for
> this?
>
> Regards,
> Tony.
>
> Running squid 2.2.stabe4 with config as below
>
> http_port 8080
> icp_port 0
> tcp_incoming_address 0.0.0.0
> tcp_outgoing_address 255.255.255.255
> udp_incoming_address 0.0.0.0
> udp_outgoing_address 255.255.255.255
> cache_peer 192.168.2.23 Parent 80 7
> icp_query_timeout 0
> mcast_icp_query_timeout 2000
> dead_peer_timeout 10 seconds
> hierarchy_stoplist cgi-bin
> hierarchy_stoplist ?
> cache_mem 16777216 bytes
> cache_swap_low 90
> cache_swap_high 95
> maximum_object_size 41943040 bytes
> ipcache_size 1024
> ipcache_low 90
> ipcache_high 95
> fqdncache_size 1024
> cache_dir /var/spool/squid 1000 16 256
> cache_access_log /var/log/squid/access.log
> cache_log /var/log/squid/cache.log
> cache_store_log /var/log/squid/store.log
> emulate_httpd_log off
> mime_table /etc/squid/mime.conf
> log_mime_hdrs off
> pid_filename /var/run/squid.pid
> debug_options ALL,1
> log_fqdn off
> client_netmask 255.255.255.255
> ftp_user Squid@
> ftp_list_width 32
> cache_dns_program /usr/lib/squid/dnsserver
> dns_children 5
> dns_defnames off
> unlinkd_program /usr/lib/squid/unlinkd
> pinger_program /usr/lib/squid/pinger
> redirect_children 5
> redirect_rewrites_host_header on
> authenticate_children 5
> authenticate_ttl 3600
> wais_relay_port 0
> request_size 102400 bytes
> reference_age 7776000 seconds
> quick_abort_min 16 KB
> quick_abort_max 16 KB
> quick_abort_pct 95
> negative_ttl 300 seconds
> positive_dns_ttl 21600 seconds
> negative_dns_ttl 300 seconds
> range_offset_limit 0 bytes
> connect_timeout 120 seconds
> siteselect_timeout 10 seconds
> read_timeout 900 seconds
> request_timeout 45 seconds
> client_lifetime 86400 seconds
> half_closed_clients on
> pconn_timeout 120 seconds
> ident_timeout 10 seconds
> shutdown_lifetime 30 seconds
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1
> acl SSL_ports port 443
> acl SSL_ports port 563
> acl Safe_ports port 80
> acl Safe_ports port 21
> acl Safe_ports port 443
> acl Safe_ports port 563
> acl Safe_ports port 70
> acl Safe_ports port 210
> acl Safe_ports port 1025-65535
> acl Safe_ports port 77
> acl Safe_ports port 45
> acl CONNECT method CONNECT
> acl FTP proto ftp
> http_access Allow manager localhost
> http_access Allow manager
> http_access Deny CONNECT !SSL_ports
> http_access Allow localhost
> http_access Allow all
> icp_access Allow all
> miss_access Allow all
> proxy_auth_realm Squid proxy-caching web server
> ident_lookup_access Deny all
> cache_mgr root
> cache_effective_user squid
> cache_effective_group squid
> visible_hostname cdserver.dms
> announce_period 31536000 seconds
> announce_host tracker.ircache.net
> announce_port 3131
> httpd_accel_port 80
> httpd_accel_with_proxy off
> httpd_accel_uses_host_header off
> logfile_rotate 0
> tcp_recv_bufsize 0 bytes
> err_html_text
> memory_pools on
> memory_pools_limit 0 bytes
> forwarded_for on
> log_icp_queries on
> icp_hit_stale off
> minimum_direct_hops 4
> cachemgr_passwd XXXXXXXXXX all
> store_avg_object_size 13 KB
> store_objects_per_bucket 50
> client_db on
> netdb_low 900
> netdb_high 1000
> netdb_ping_period 300 seconds
> query_icmp off
> test_reachability off
> buffered_logs off
> reload_into_ims off
> never_direct Allow all
> never_direct Allow FTP
> anonymize_headers
> icon_directory /usr/lib/squid/icons
> error_directory /etc/squid/errors
> minimum_retry_timeout 5 seconds
> maximum_single_addr_tries 3
> snmp_port 3401
> forward_snmpd_port 0
> snmp_access Deny all
> snmp_incoming_address 0.0.0.0
> snmp_outgoing_address 255.255.255.255
> as_whois_server whois.ra.net
> incoming_icp_average 6
> incoming_http_average 4
> min_icp_poll_cnt 8
> min_http_poll_cnt 8
> max_open_disk_fds 0
> offline_mode off
> uri_whitespace deny
> prefer_direct on
> strip_query_terms on
>

--
m  i  c  h  a  e  l   v  i  n  c  e  n  t   p  o  z  o  n
             ::  mikevince@yahoo.com  ::
---------------------------------------------------------------
HPS Software & Communication Corp.     ICQ : 1413343
Pilipino Internet Cebu              office : (+63)(32) 3447847
Systems/Network Administrator       home   : (+63)(32) 3446427
CCNA,CCDA  - -  - - - - - - - - - - cell   : (+63) 917-3276966
 - - - - - - - - - - - - - - - - -  http://www.mikevince.com
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT/E d-(+) s: !a C++>$ UL++++>$ P++ L+++ E 
W+++ N+ o-- K- w++++ !O M-- V- PS+ PE-- Y+ 
PGP- t 5? X R tv b+ DI? D+ G e++ h!>h r !y+ 
------END GEEK CODE BLOCK------
Received on Sun Jul 16 2000 - 20:38:12 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:54:32 MST