[squid-users] Rejecting URLs with unresolvable DNS hosts?

From: Paas, Sven <Sven.Paas@dont-contact.us>
Date: Tue, 16 Dec 2003 13:28:07 +0100

Hi,

I am using squid-2.5.STABLE4.

We have different cache_peer's for different
IP destination networks, no ICP, and my cache
has set "never_direct allow all".

This works just fine, with the exception that
whenever my cache cannot resolve the hostnames
in URLs to IP addresses in DNS, it just decides to
use "ANY_PARENT" (when no default cache_peer is
defined) oder "DEFAULT_PARENT" (when a default
cache_peer is defined).

Example:

###
 cache_peer 192.168.1.1 parent 8080 7 no-query
 cache_peer 192.168.1.2 parent 8080 7 no-query

 acl all_src src 0.0.0.0/0
 acl all_dst dst 0.0.0.0/0
 acl net1_dst dst 172.16.0.0/16
 acl net2_dst dst 172.17.0.0/16

 cache_peer_access 192.168.1.1 allow all_src net1_dst
 cache_peer_access 192.168.1.1 deny all_src

 cache_peer_access 192.168.1.2 allow all_src !net1_dst
 cache_peer_access 192.168.1.2 deny all_src

 never_direct allow all_src

 acl mynet_src src 10.0.0.0/8
 http_access allow mynet_src all_dst
###

My question: how can I force my cache to just reject
a request immediately itself when the hostname in the URL
is not resolvable in DNS by the cache? I do not
want to forward unknown URLs to foreign caches.

Thanks, Sven

-- 
Received on Tue Dec 16 2003 - 05:28:13 MST

This archive was generated by hypermail pre-2.1.9 : Thu Jan 01 2004 - 12:00:13 MST