On 23/06/2012 9:55 p.m., Ton Muller wrote:
> On 23-6-2012 3:47, Linda W wrote:
>> Ton Muller wrote:
>>> access webmail is not possible when i use name lookup, i must use IP
>>> adres for it.
>>>
>>> so, my question..
>>> where did i make a mistake , i used basic squid config, and added only
>>> some ports for access.
>> ----
>>
>> lots of possibilities --
>> 1), I usually have clients setup to go direct to anything on my local net.
>> If they can't resolve the other hostnames properly (internal DNS/hosts/NIS/
>> whatever). That could cause problems. How do your internal clients
>> resolve internal addresses -- do you have a DNS server setup for local
>> clients?
>>
> Yes, i have named on my openBSD box running, and yes, it works as it
> should be....
>
>>
>> 2) I also usually have squid setup NOT to serve internal addresses -- so if
>> a client tries to go through squid to get to an internal address, it
>> will usually
>> get an 'access denied' -- since going through squid to get to a local
>> address is
>> just 'wrong'...
> hm,mkey..
> and how i adapt it to my condig, if i may ask..
>
>> It also helps prevent someone getting access to squid from the outside
>> -- (hypothetical)
>> then they would get an access denied for any ports on the inside of my net.
>>
>> Those are things that would go wrong on my network. Now what can go
>> wrong on your
>> network depends on config's of clients, squid, how your network is
>> setup...etc...
>>
>> Give you any ideas?
>>
>>
> ideas enough.
> as say, am using openBSD for nat, and serving local stats with mrtg and
> smokeping (NO ACCESS TO EVIL WAN xD)
>
> am not having squid configed as accelerator (it even wont let me, if i
> add the tags, a check on config gives errors)
What errors?
All Squid since 2.6 have been able to do "accelerator" reverse-proxy by
defualt out of the box. There are no buid options to disable it even.
Amos
Received on Wed Jun 27 2012 - 05:52:09 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 27 2012 - 12:00:04 MDT