ons 2007-01-10 klockan 00:30 -0800 skrev zulkarnain: > Is it possible to configure tcp_outgoing_address to be > able to select ip address based on "dst" acl type > matches? Yes, but there may occasionally be a false results if the dst is not yet in the ipcache DNS cache. To minimize this evaluate an dst acl in http_access as well. acl do_dns_lookup dst 0.0.0.0/0 http_access deny do_dns_lookup !all before where you allow access. Even with this there may occasionally be a false result if the ipcache DNS entry expires between http_access and where the request is forwarded, but for most time it should work. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel