Tuc at T-B-O-H.NET wrote:
> Hi,
>
> Running into a problem, not sure if or how to handle it.
>
> User running windows has an entry in their (Windows
> equiv of /etc/hosts) that says :
>
> 192.168.3.10 SNEAKY.EXAMPLE.COM
>
> For the rest of the world, SNEAKY.EXAMPLE.COM doesn't
> exist (NXDOMAIN).
>
> Without squid in transparent/WCCP2 mode, it appears that
> the user contacts 192.168.3.10 and does his thing. With squid+
> transparent+WCCP2, we end up with 503's.
>
> Is there even a way to be able to address this, or is
> the user just going to be out of luck period?
Out of luck. Domain hijacking like this is precisely why squid doesn't
trust the client-given dst IP in transparent mode.
They will have to:
a) connect to that domain using raw IP address in the URL.
b) negotiate with the proxy admin to configure the proxy to selectively
do the SNEAKY.EXAMPLE.COM redirect for them.
Amos
-- Please use Squid 2.7.STABLE3 or 3.0.STABLE7Received on Sun Jul 13 2008 - 03:55:16 MDT
This archive was generated by hypermail 2.2.0 : Mon Jul 14 2008 - 12:00:03 MDT