[squid-users] Cache peer and never_direct

From: <ahuxtable@dont-contact.us>
Date: Thu, 31 Jul 2003 12:31:58 +0930

Hi,
        After a little help. I have a setup here where I want to force all
users to use a cache
peer *except a few*.

I am also using NTLM auth and NT Global group checking

It seems to be partially working where the 'direct' users always go direct
but the 'peered' users
are only partialy using the peer (some requests are going direct).

Squid.conf snippet:
#***************************************************************************
********************
external_acl_type NT_global_group %LOGIN /usr/local/squid/libexec/wb_group

acl DirectProxyUsers external NT_global_group <Group1>
acl PeerProxyUsers external NT_global_group <Group2>
acl password proxy_auth REQUIRED

never_direct allow all

always_direct allow DirectProxyUsers

Http_access allow password PeerProxyUsers
Http_access allow password DirectProxyUsers

#***************************************************************************
********************

I have confirmed that the external ACL is working ok. If I remove the
always_direct line then
all requests go to the peer as expected. If I change the 'DirectProxyUsers'
ACL to a standard 'SRC'
or something then it also works as expected (just DirectProxyUsers go
direct). Is there an issue with
using an external helper with an always_direct or something?

As it is, it seems that about 2 in 5 of requests from the users that match
the 'PeerProxyUsers' ACL still
Go direct. Why?

Thanks in Advance,
        Andrew
Received on Wed Jul 30 2003 - 20:49:45 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:21 MST