ons 2007-01-10 klockan 00:30 -0800 skrev zulkarnain:
> Is it possible to configure tcp_outgoing_address to be
> able to select ip address based on "dst" acl type
> matches?
Yes, but there may occasionally be a false results if the dst is not yet
in the ipcache DNS cache. To minimize this evaluate an dst acl in
http_access as well.
acl do_dns_lookup dst 0.0.0.0/0
http_access deny do_dns_lookup !all
before where you allow access.
Even with this there may occasionally be a false result if the ipcache
DNS entry expires between http_access and where the request is
forwarded, but for most time it should work.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST