Re: [squid-users] squidguard hierarchy (fwd)

From: Dan Kubilos <dan@dont-contact.us>
Date: Thu, 25 Oct 2001 09:27:26 -0700 (PDT)

Thanks Colin for taking the time it did help.

I was using acl localhost *src* 127.0.0.1 thinking ( lamely ) that the
request was coming from the redirector.

I changed the acl to dst 127.0.0.1 and it works just as I wish.

On Thu, 25 Oct 2001, Colin Campbell wrote:

> Hi,
>
> On Wed, 24 Oct 2001, Dan Kubilos wrote:
>
> > The problem I'm having is that the school site squid box will NOT stop
> > forwarding requests that should be handled locally.
>
> That's because you've not told it otherwise.
>
> > relevant configs are
> > squid.conf
> > cache_peer squid1.oxnardsd.org parent 3128 3130 no-query round-robin
> > cache_peer squid2.oxnardsd.org parent 3128 3130 no-query round-robin
> >
> > redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
> > acl localhost src 127.0.0.1/255.255.255.255
> > always_direct deny all
>
> So, never go direct, ever.
>
> > always_direct allow localhost
>
> Will never get used because of previous line.
>
> I suspect what will start you heading in the right direction is something
> like:
>
> acl intranet dst ....
> acl all src 0.0.0.0/0.0.0.0
> always_direct allow intranet
> never_direct allow all
>
> That will allow the school squids to access their "intranet" destinations
> directly but be forced to forward everything else to the parent caches.
>
> All of this is described in squid.conf.
>
> Colin
>

-- 
Dan Kubilos     __\o_ ^
K-8 Tech Coord
http://www.oxnardsd.org
Received on Thu Oct 25 2001 - 10:31:31 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:03:08 MST