I am running squid on a LRP box. It is running fine as a transparent proxy. I have a group of internal machines going through it, with a range of IPs that bypass the proxy using ipchains. Is there a way to bypass squid for the machines that normally go through squid to reach certain sites? I have tried acls to allow the sites and always_direct, but the sites are still much much slower going through the proxy. These are the chain rules I am using to start: ~ # Redirect to Squid proxy server: ipchains -A input -p tcp -s 0/0 -d 0/0 8080 -j DENY -i eth0 -l # Bypass for 192.168.1.8/29 range ipchains -A input -p tcp -s ! 192.168.1.8/29 -d 0/0 80 -j REDIRECT 8080 ~ I want to keep the other machines going through the proxy, except let 192.168.1.3 bypass the proxy only to get to sportsonline.com. I?m not too good with ipchains, can I make another rule to let only this bypass? Thanks, Bill
