Hey all,
We are using a layer 4 switch to pump all port 80 TCP/IP traffic to two
squid servers. This is all warm and fuzzy and working wonderfully.
The problem we are having is that we are transparently proxying our
customers and this "breaks" a few of their applications. Since there is
no "forward" acl operator in squid (only "allow" or "deny"), I am looking
for ways to selectively eliminate an IP or group of IP's from squid's
proxying. I've just finished reading over squid's documentation and I cant
find anything that will work with transparent proxying (The switch only
has 1 ACL if you can believe it).
What I'm now looking into is a way to add rules to ipchains on the squid
boxes. These rules would forward packets from the selected IP's straight
to our border router for direct processing and bypass squid all together.
Am I mad? Am I insane? Is anyone else doing something like this? Will
it even work??
The lists will hopefully be very short (and static of course).
-- Ken Kirchner : kenk@shreve.net Assitant System Administrator : Tel (318)222-2638 ShreveNet, Inc. : Fax (318)213-2650 ShreveNet - Your Premium Internet Service Provider! -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Wed Aug 23 2000 - 01:36:50 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:04 MST