"Kundiger, Rick" wrote:
> When adding any text after the "no-query" (ie acl hq_intranet) and so on I
> crash on startup.
There is no cache_peer option called hq_intranet, but there is an option
called "no-query" which disables the use of ICP. See the cache_peer
documentation.
> If I separate the lines it starts fine but it doesn't do what I want.
>
> If I set the proxy to cache_peer proxy.hq.foow.foo.com parent 8080 3120
> proxy-only no-query" I send everything to HQ but still cannot go into the
> intranet.
What is beeing sent to a peer is controlled by other cache_peer_access,
and also always_direct/never_direct.
> Well, very strange, if I am sending all requests to HQ proxy (if I set my
> proxy to HQ I can get into intranet) I still can't get into intranet. So,
> there must be something else blocking me. I think I am going to give up,
> call the firewall dorks and have them just add my darn proxy into their
> rules to let me in. I hate admitting defeat but I think I may have to in
> this case.
I don't think you actually sent the requests to the HQ proxy. Not unless
you were also using "never_direct allow all". See the "prefer_direct"
directive why..
What did you get in your Squids access.log? The hierarchy column tells
in detail where a request was sent.
Try this configuration:
acl hq_intranet dstdomain .hq.foow.foo.com
cache_peer proxy.hq.foow.foo.com parent 8080 0 proxy-only no-query
cache_peer_access proxy.hq.foow.foo.com allow hq_intranet
never_direct allow hq_intranet
The above configuration tells that
* there is a "hq_intranet" which is any hosts within the
hq.foow.foo.com domain.
* there is a proxy.hq.foow.foo.com parent
* this parent should only be used for the "hq_intranet"
* and Squid MUST use a parent to reach "hq_intranet" no matter if it
makes sense for caching or not.
Regards
Henrik
Received on Wed Jan 29 2003 - 02:40:06 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:55 MST