[squid-users] ACL by destination IP using regex problem

From: Carlos Kramer <csk_1975@dont-contact.us>
Date: Wed, 02 Nov 2005 06:03:42 +0000

I've searched high and low, read FAQs, added debugging but can't
work this out, sorry if its obvious or been asked before...

I have a hierachy of squid caches using v2.4 STABLE 1. One cache
needs to determine if sites are on a local net by both destination IP
and hostname but it can't do DNS lookups to determine this.

I am trying to use dstdom_regex ^10\.0\.0\. to match local host IPs
used in the URL but it doesn't work. Even dstdomain 10.0.0.1 does
not work and wont match http://10.0.0.1/index.html.

The reason I can't use a dst ACL such as 10.0.0.0/255.255.255.0 (even
though it works) is because the dst ACL makes the squid cache do DNS
lookups for all domains requested. The cache is handling 10000s of URLs
which are external and very few internal ones, and the DNS on my cache
is connected by WAN to my parent company's central DNS and flooding it
with 10000s of DNS lookups that return NXDOMAIN is not an option.

Is there anyway to setup an ACL to test for an IP in the destination
domain part of a URL without using DNS?

Thanks a lot for any help that can be provided.
Received on Tue Nov 01 2005 - 23:03:45 MST

This archive was generated by hypermail pre-2.1.9 : Thu Dec 01 2005 - 12:00:09 MST