RE: [squid-users] Squid 2.4.STABLE7 and VPN

Hi,

Thanks Henrik. I noticed another of your posts commenting on the fact
that this version of Squid doesn't use the hosts file. A quick change to
resolv.conf fixed the problem.

Thanks again.

Rhys

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@marasystems.com]
Sent: Wednesday, 10 July 2002 00:23
To: Rhys Jones; squid-users@squid-cache.org
Subject: Re: [squid-users] Squid 2.4.STABLE7 and VPN

Rhys Jones wrote:
> Hi,
>
> Good spot, but not quite there. There is no browser but there was an
odd
> DNS issue. I have entered the appropriate IP details in the hosts file
> so name resolution is working for internal addresses. I am assuming
that
> using the PREROUTE rule picks up the HTML traffic before it gets to
the
> firewall/vpn handler. What tells Squid where to send the data then ?
Can
> I specify an interface or does it simply choose the default gateway ?

Squid is just an application like any other. It does not care about
routing,
packets etc. It is your kernels routing table that decides where things
will
be sent.

If you are redirecting this traffic to Squid, then

  a) Squid needs to be able to DNS resolve the server names, unless the
user
is requesting the server by IP address..

  b) The local routing needs to allow local applications to send traffic
to
the VPN connection..

Runnin a browser locally on the Squid server really is the best test to
see if
all these works correctly. In lack of a real browser, "telnet
www.example.com
80" suffices..

Regards
Henrik

---
Incoming mail has been scanned by AVG.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.371 / Virus Database: 206 - Release Date: 13/06/2002
 
---
Outgoing mail has been scanned by AVG.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.371 / Virus Database: 206 - Release Date: 13/06/2002