On Wednesday 05 March 2003 08.11, Ben White wrote:
> In feb 03 forum, you said :
>
> always_direct allow -> Squid MUST go direct
> never_direct allow -> Squid MUST NOT go direct
>
> then, is it right for me to interpret that :
>
> always_direct deny --> Squid MUST NOT go direct
> never_direct deny --> Squid MUST NOT go direct
Nope.
Squid first looks at always_direct. If it is "allow" then Squid goes
directly (default is deny).
Then Squid looks at never_direct. If it is "allow" then Squid does not
go directly unless already done so above. (default is deny).
Finally, if both are deny (the default), Squid decides based on the
request, satus of your peers and some other factors where to send the
request.
> What I want to do in my Squid, is simply to forward
> all requests from my LAN to 10.x.x.x (parent). After
> checking with the FAQ, I think I shd write something
> like :
>
> cache_peer 10.x.x.x parent 8080 0 no-query default
> never_direct allow LAN
Looks good, but assuming only your users are allowed to use your Squid
you might just as well use
never_direct allow all
The normal configuration if you want all traffic to go via a parent,
such as if you are in a private network with no direct Internet
connectivity or have other reasons to always use the parent proxy no
matter what is
never_direct allow all
and then always_direct for the few destinations which you do not want
to use the parent. This is usually the local web servers on your
network and/or the network between you and the parent..
Things get a little more complex if you want some traffic to always be
sent via a specific parent while other traffic sent via some other
parent but that is another story.
Regards
Henrik
Received on Wed Mar 05 2003 - 00:51:34 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:55 MST