RE: [squid-users] Squid+Firewall

My mistake, I assumed that if I used dstdomain it would try to tunnel
directly as if the firewall wasn't there but it seems to work OK, Thanks.

Now on with problem NO 2

I go to www.botapoint.com.au, click on boats for sale, search for anything
in the last seven days and hit go. Up comes a list of boats, select any boat
with a picture and the boats details etc come up. Then I hit the back button
in ie and I get the following message

WARNING page has expired

the page you requested was created using information you submitted in a
form. This page is no longer available. As a security precaution, Internet
Explorer does not automatically resubmit your information.

To resubmit your information and view this web page, click the refresh
button.

It looks like a client problem but it wasn't there before.

Any one got a clue to this one??

Barry

-----Original Message-----
From: Robert Collins [mailto:robert.collins@itdomain.com.au]
Sent: Wednesday, 12 September 2001 18:48
To: Barry Darnton
Cc: 'squid-users@squid-cache.org'
Subject: Re: [squid-users] Squid+Firewall

On Wed, 2001-09-12 at 18:18, Barry Darnton wrote:
> I have just got squid running and dont seem to be able to find the
solution
> in the doco's FAQ or in the digests so I am hoping someone out there in
> squid land can help.
>
> I have squid sitting behind a firewall. Squid can go anywhere without
> restriction, but I do am using smb_auth to authenticate users going to the
> internet. I also have some directly connected (private link remote and
> local) web servers that the inside users need to access transparantly. I
> have got the directly connected servers working without authentication and
> authentication working for internet access but I have one more problem.
The
> users need to access a site that is outside the firewall without
> authentication but I cant seem to get squid to do a parent to the firewall
> for these sites, if I put them in the same category as my directly
connected
> sites it tries to tunnel through the firewall as if it wasn't there, ie it
> tries to go direct.

So when you say squid can go anywhere, what you mean is that squid,
using the firewall as a parent has access to anywhere it wants to go to?

And that there are some servers you want to allow access to without
forcing the users to authenticate?

just add dst or dstdomain acls for those sites, and then reference them
in http_access statements before any proxy_auth acl's are referenced.

Rob

**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you are not the intended recipient, please
delete it and notify the sender.

Views expressed in this message and any attachments are those
of the individual sender, and are not necessarily the views of the
Childrens Hospital at Westmead

This footnote also confirms that this email message has been
virus scanned and although no computer viruses were detected,
the Childrens Hospital at Westmead accepts no liability for any
consequential damage resulting from email containing computer
viruses.
**********************************************************************
Received on Wed Sep 12 2001 - 22:02:03 MDT