RE: [squid-users] Squid2.4 & /etc/hosts

Hi Robert,

Thanks for your reply. Checking the log file the CONNECT method is provided
to squid with the hostname webmail.company.com however the IP address that
is shown is the world address rather than the address specified in the
/etc/hosts file.

ie
/etc/hosts entry: 10.14.12.122 webmail.company.com
Browser Request: https://webmail.company.com
Log Shows: 10.14.12.123 TCP_MISS/503 0 CONNECT webmail.company.com:443 -
DIRECT/203.123.xxx.xxx -

So you are saying this should work and is probably a bug?

-----Original Message-----
From: Robert Collins [mailto:robertc@squid-cache.org]
Sent: Wednesday, 5 February 2003 9:14 AM
To: jturner@bsis.com.au
Cc: Henrik Nordstrom; squid-users@squid-cache.org
Subject: RE: [squid-users] Squid2.4 & /etc/hosts

On Wed, 2003-02-05 at 12:02, Jay Turner wrote:
> But it is maintained by Red Hat who backport any security patches to the
2.4
> version they ship with 7.3.
>
> If you could please re-read my post you will note that I have recompiled
> with --disable-internal-dns and it successfully references /etc/hosts for
> http:// pages. My question relates to https:// pages and having squid do a
> local lookup from somewhere for the IP address rather than fetching it
from
> the DNS (as it does with /etc/hosts for http:// requests).

Which you probably can't do.
If the CONNECT verb is provided to squid with an ip address rather than
a hostname, no proxy can do what you are asking.
If a hostname is provided, then the same host->ip lookup path is
followed as for http:// requests.

Check access.log. If you see CONNECT ipaddress:443 then you need to look
at using a redirectory to alter the requested IP address.
If you see CONNECT hostname:443, then please log a bug in bugzilla.

Rob

--
GPG key available at: <http://users.bigpond.net.au/robertc/keys.txt>.