Re: [squid-users] cache_peer & cache_peer_domain not working

From: Daniel Lim <Daniel.Lim@dont-contact.us>
Date: Wed, 05 Jun 2002 11:18:11 +1000

Thanks so much Henrik, it works now.
Regards,
Daniel

>>> Henrik Nordström <hno@marasystems.com> 4/06/2002 17:58:44 >>>
The logics is inverse. You need to deny the domain from using the other

parents.

cache_peer_access (and cache_peer_domain) controls what MAY be sent to
the
peer. Only what is allowed will ever be sent there. The default if is
that
all requests is allowed to use that peer.

Regards
Henrik

Daniel Lim wrote:
> Hello there,
> I am having problem in squid to force a website/domain requested by
our
> users to go through only one firewall rather than multiple. I used
both
> cache_peer and cache_peer_domain on the squid server but the
> transactions for that website still go through all 3 firewalls.
>
> We have 3 firewalls for redundancy and load-sharing, due to strict
> security requirements of this particular website www.xxx.com.au, all
> accesses must come from one of the firewalls only i.e. one IP, or
else
> users will be disconnected when the website sees different IP
sources.
>
> In squid.conf I have these:
>
> cache_peer 192.168.127.50 parent 80 7 no-query round-robin
> cache_peer 192.168.127.100 parent 80 7 no-query round-robin
> cache_peer 192.168.127.150 parent 80 7 no-query round-robin
>
>
> cache_peer_domain 192.168.127.100 .xxx.com.au # I
chose
> to go through the 2nd firewall
>
> Can anyone please shed light on where have I gone wrong?
>
> Much thanks in advance.

-- 
Basic free Squid support provided thanks to MARA Systems AB
Your source of advanced reverse proxy solutions or customized
Squid solutions. http://www.marasystems.com/products/ 
This e-mail message (and attachments) is confidential, and / or
privileged and is intended for the use of the addressee only. If you are
not the intended recipient of this e-mail you must not copy, distribute,
take any action in reliance on it or disclose it to anyone. Any
confidentiality or privilege is not waived or lost by reason of mistaken
delivery to you. DPWS is not responsible for any information not related
to the business of DPWS. If you have received this e-mail in error
please destroy the original and notify the sender
For information on services offered by DPWS, please visit our website at www.dpws.nsw.gov.au 
Received on Tue Jun 04 2002 - 19:18:30 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:26 MST