Search squid archive

Re: tcp_outgoing_address with destination acl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



ons 2007-01-10 klockan 00:30 -0800 skrev zulkarnain:

> Is it possible to configure tcp_outgoing_address to be
> able to select ip address based on "dst" acl type
> matches?

Yes, but there may occasionally be a false results if the dst is not yet
in the ipcache DNS cache. To minimize this evaluate an dst acl in
http_access as well.

acl do_dns_lookup dst 0.0.0.0/0
http_access deny do_dns_lookup !all

before where you allow access.

Even with this there may occasionally be a false result if the ipcache
DNS entry expires between http_access and where the request is
forwarded, but for most time it should work.

Regards
Henrik

Attachment: signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux