On Fri, 7 May 2004, Norman Zhang wrote:
> I have no problem accessing the web directly using VirusWall as my proxy
> (i.e., http://x.x.x.x:80). But going through Squid (http://x.x.x.x:3128)
> won't scan the content in VirusWall. Squid will go directly to the
> internet. This makes make think that Squid is not redirecting to
> VirusWall as it should be.
> cache_peer 127.0.0.1 parent 80 7 default no-query
> acl binaries urlpath_regex -i \.exe$ \.zip$ \.vbs$ \.gz$
> cache_peer_access 127.0.0.1 allow binaries
> never_direct allow binaries
Looks fine to me, even if it can be done slightly simpler via the
always_direct/never_direct directives instead of cache_peer_access..
always_direct deny binaries
never_direct allow all
in addition I find it more easy to understand if the icp port is specified
as 0 when using no-query. This field is not really used then and
mentioning the echo port can be confusing making one think (but not Squid)
that the echo port is used...
Have you run "squid -k reconfigure" or restarted Squid since making the
configuration change?
Is there any warnings on "squid -k parse"?
What does Squid access.log say when you attempt to download some content
which should have been sent to the scanner?
Regards
Henrik
Received on Sat May 08 2004 - 03:13:24 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT