Search squid archive

Re: Proper Access ACLs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Henrik Nordstrom wrote:
ons 2007-05-02 klockan 16:00 -0700 skrev Michael Puckett:
 a path outside to reach the server "external.com". Will the following
configuration directives route requests to "external.com" ONLY through
"extern-proxy.mydomain" while keeping all other requests inside my own
domain? Is this the correct way to do this, or is there another
recommendation for configuring for this case?

cache_peer extern-proxy.mydomain parent 8181 5151 no-query no-digest

acl OUTSIDE dstdomain external.com

cache_peer_access allow OUTSIDE
cache_peer_access deny all

Ok.
Thank you...
always_direct allow all
never_direct deny all

Not ok. Says Squid should always go direct, ignoring whatever cache_peer
you have..


Should probably be just

never_direct allow OUTSIDE

with no always_direct rule specified at all, or a "deny all" rule if you
like (it's the default).
So this then says that OUTSIDE should never go direct I understand,
with the implication that everything else is always direct? What tells everything else to go direct?

What would get the default "deny all"? Would that be "never_direct deny all" or "always_direct deny all"

Regards
-mikep

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux