On Tue, 27 Dec 2011 10:22:22 +0100, Paolo Supino wrote:
> Hi
>
> My Squid proxy (squid-2.6.STABLE21) is the first proxy part of
> hirarchy that clients on the network hit. I have client on the LAN
> that is having problems with one of the upstream proxies when
> accessing a specific web server on the internet (I have no control of
> the upstream proxy). I want to let that specific client bypass the
> proxy hirarchy when accessing that specific web server.
>
> I've tried to setup 2 acls: "acl src_client src 192.168.1.88" and
> "acl
> dst_server dstdomain www.example.com" and then put both acls in the
> same always_direct rule: "always_direct allow src_client dst_server",
> but it didn't work (though it didn't complain about the
> misconfiguration...). I was hoping that always_direct will work the
> same way that http_access works and accept multiple acls.
It does.
>
> How can I setup Squid to always_direct from a specific host to a
> specific server?
You misunderstand the directives meaning.
"DIRECT" access is the term for Squid using a DNS lookup to fetch the
response data from one of the DNS listed origin servers. "always_direct
allow" forces Squid to always use DNS (DIRECT access) in such a way,
ignoring any cache_peer directives you may have configured to pass
traffic to upstream/parent or sibling proxies.
To bypass the Squid hierarchy you must alter the PAC script, or
interception (NAT, WCCP) rules you are using to pass requests to Squid.
Amos
Received on Tue Dec 27 2011 - 09:46:45 MST
This archive was generated by hypermail 2.2.0 : Tue Dec 27 2011 - 12:00:02 MST