Search squid archive

Re: Squid + WPAD issues

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 6/11/07, Markus.Rietzler@xxxxxxxxxxxxxx
<Markus.Rietzler@xxxxxxxxxxxxxx> wrote:
my question was regarding some user-excpetions. a combination of proxy-pac and "browser-settings" is not possible - at least not with IE.

Correct.  That is not possible.

When a browser is configured to use a Proxy script (via WPAD or
specified as a PAC url), the browser ignores locally configured proxy
and proxy exceptions.


so if we want to support user excpetions than it only could be done
if these settings also were provided by the cgi-generated pac-file, right?

Yes, exactly.
I am not aware of any web browser which will mix local settings and PAC.


Getting back to Squid, one earlier question was whether squid could
tell the client "don't use me as a proxy to access this, you need to
go direct".

While that isn't directly technically possible (as HTTP doesn't offer
such a feature), what you can do is make sure that all clients know
(via PAC or via exception lists) that any *.intranet URL must always
be accessed directly, and configure Squid and an external helper so
when a client tries to use Squid to access internal resource "foo",
the client receives a redirect telling it to go to the appropriate
foo.intranet URL.

You'd also need to put in an explicit DENY policy for "*.intranet"
URLs to avoid forwarding loops.


Kevin

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux