Hi,
On Wed, 24 Oct 2001, Dan Kubilos wrote:
> The problem I'm having is that the school site squid box will NOT stop
> forwarding requests that should be handled locally.
That's because you've not told it otherwise.
> relevant configs are
> squid.conf
> cache_peer squid1.oxnardsd.org parent 3128 3130 no-query round-robin
> cache_peer squid2.oxnardsd.org parent 3128 3130 no-query round-robin
>
> redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
> acl localhost src 127.0.0.1/255.255.255.255
> always_direct deny all
So, never go direct, ever.
> always_direct allow localhost
Will never get used because of previous line.
I suspect what will start you heading in the right direction is something
like:
acl intranet dst ....
acl all src 0.0.0.0/0.0.0.0
always_direct allow intranet
never_direct allow all
That will allow the school squids to access their "intranet" destinations
directly but be forced to forward everything else to the parent caches.
All of this is described in squid.conf.
Colin
Received on Wed Oct 24 2001 - 18:29:22 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:03:07 MST