Hi,
Things are a little clearer now, maybe. "always_direct" is a directive to
squid saying "do not go to parent cache, fetch from the web server
yourself". Note that this is a directive to squid. It is *not* a directive
to the browser. If you want the browsers on .0 to go direct to the servers
on .1 without going through the squid, you need to configure the browsers.
You cannot do it from squid. If you don't want to configure browsers, then
squid must be given access to the servers on .1. If you don't have a
parent cache, you do not need "always_direct".
Colin
On Fri, 22 Mar 2002, Zbigniew wrote:
> I changed squid.conf as follows.
>
> acl local-servers dstdomain <snip>.com
> acl sub1-servers dst 192.168.1.0/255.255.255.0
> acl sub0-servers src 192.168.0.0/255.255.255.0
> always_direct allow local-servers
> always_direct allow sub0-servers
> always_direct allow sub1-servers
>
> Since the user is on the .0 subnet and the web server is on the .1.
> It still doesn't work.
> I'm thinking that even though the proxy sends it direct, the firewall is
> forcing it to go to proxy no matter what.
Received on Sun Mar 24 2002 - 18:04:27 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:03 MST