On Wed, 2 Mar 2005 06:50 pm, Ling Ling Chan wrote: > Hi, > > We are running SQUID (as forward proxy)and we had configured to resolve our > domain (.mycompany.com) internally. However, We have some URLs that are > configured using our DNS, and those website are hosted by 3rd party web > hosting company. > > I have tried the following:- > > 1) Configure redirect_program to convert those *.mycompany.com to external > IP address, but I think it may be resource comsuming when the > redirect_children is huge. And, those website IP addresses will be exposed. > > 2) Trying to use always_direct for these list of URLs in squid.conf. > > Is there any other alternatives for this. Put the addresses in /etc/hosts and "killall -HUP squid". Works here :) We have a similar problem; www.foo.com is in our DMZ but the address returned by DNS is external (the address is NAT'ed). So squid was trying to connect to the external address from the LAN which is not allowed by the firewall policy. We needed squid to connect to 172.24.100.7 not the 1.2.3.4 address. So I simply put "172.24.100.7 www.foo.com" in /etc/hosts, restarted squid and voila! Internal users now put "www.foo.com" in their browser and the proxy send the request to the 172... address - no jiggery-pokery with squid's config either :) With that problem solved, I went back to my game of nethack :P HTH, James