Re: [squid-users] Is there a way to tell squid on certain domains to not proxy for. For example in transparent mode ho

> On 6/14/06, Keith Owen <KOwen@cdfa.ca.gov> wrote:
> >Is there a way to tell squid on certain domains to not proxy for. For
> >example in transparent mode hotmail.com will hang at login, so instead
> >squid just log and send the packet untouched on its way. Is that possible?

On 14.06.06 20:28, Mehdi Sarmadi wrote:
> you have configured some redirection, in your firewall(e.g. Using
> Netfilter/IPTABLES) or in a router, that should redirect the traffic
> with [port 80 and a host outside the LAN] as the destination to the
> squid process somewhere in you LAN. So what should happen if we don't
> like some website not to get proxied by squid? If a client request for
> a website, the traffic(HTTP request) gets to squid, then it couldn't
> tell "I don't want it give it to hotmail.com", and squid could do
> anything with the request except proxying. I told that example to
> show, what you say would be done with your firewall
> (Netfilter/IPTABLES) or what ever that redirects the HTTP traffic to
> the squid.
>
> Please correct me if I'm wrong.

You are right, I would just tell it different way. There is no chance for
squid to say "I won't proxy this request, go direct". If the request already
reached squid, it only can proxy or refuse it.

Keith, do not use interception(this is what some people incorrectly call
"transparent proxy"), unless you really must to (this means, you CAN NOT
configure clients to use proxy). This is usually exactly the reason why you
can't reach destination site via the proxy. I bet this is your case.

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Emacs is a complicated operating system without good text editor.