Re: [squid-users] Partial Authentication

From: Henrik Nordstrom <>
Date: Fri, 6 Feb 2004 13:11:41 +0100 (CET)

On Fri, 6 Feb 2004, Eberhard Pietzsch wrote:

> Proxy A should test if a requested hostname is contained in our
> list mentioned above. If not contained, proxy A should forward
> the request directly to the host in question.

See cache_peer_access and never_direct. You need both.

Note that you can not use external acls in cache_peer_access at this time,
not reliably anyway. You may get an acceptable level if the acl is furst
evaluated in http_access, but it is not 100% safe.

http_access deny restrictedacl !all

somwhere before where requests are allowed.

The use of the ACL in never_direct may work as well, but I have not

Received on Fri Feb 06 2004 - 05:11:46 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:02 MST