Tnx for the reply, I will test it. I just have one more question. My setup is like this. On my proxy server, i have eth0 connected to the internet and eth1 connected to the Lan. My question is, if the request for the website comes from my local Lan and the iptables rule is intented to not allow squid to intercept that particular website request, how is the web request handlled? How the request comming from eth1 will make its way to eth0 ---> website ---> and reply back to eth0 and send that back to the user in the eth1 network.? As i said i have not tested this yet, but i would like to understand a little about how this works. Tnx for the help. Amos Jeffries-2 wrote: > > Cdrack wrote: >> Hi Amos, >> Could you please explain what should by placed instead of ¨squid¨? > > -A squid is a local custom chain name in my iptables. > > It's created by: > iptables -t nat -N squid > iptables -t nat -A PREROUTING --protocol tcp --dport 80 -j squid > > >> I ran this >> iptables -t nat -A squid -j DNAT --to-destination 10.0.0.1:81 >> But i get this message: >> iptables: No chain/target/match by that name >> >> Seems to me that the ¨-A squid¨ part is what is not working for me. >> >> I have the exact same problem as the guy that opened this thread. >>> If I understand you correctly you want requests sent to a particular >>> site >>> not even to enter Squid yes? >> >> This is correct for me, i want to allow the browser to retrieve the >> website >> without passing thru squid. >> >> Tnx for your prompt reply. >> >> >> Amos Jeffries-2 wrote: >>>> Hi Folks, >>>> >>>> I need a specific site to completely bypass my squid cache due to a >>>> broken >>>> external webapp. >>>> >>>> I have read the section "how do I configure Squid not to cache a >>>> specific >>>> server?" from the wiki, which I can implement with no issues, but what >>>> I >>>> am not sure is what this will actually do :) >>>> >>>> Will this allow traffic to pass through squid without caching it, or >>>> will >>>> this block the site for users? >>> The bit that says to configure "cache deny" ? >>> Simply prevents storage of the request/reply objects as they go through >>> Squid. >>> >>> If I understand you correctly you want requests sent to a particular >>> site >>> not even to enter Squid yes? once they enter squid there is no >>> bypassing, >>> so it must be done at the firewall. >>> For such sites I use a custom chain a bit like this to decide of the >>> request is intercepted or not (all the lines ending in ACCEPT, are not >>> intercepted): >>> iptables -t nat -A squid -s 10.0.0.1 -j ACCEPT >>> ... >>> iptables -t nat -A squid -j DNAT --to-destination 10.0.0.1:81 >>> >>> You want something like: >>> iptables -t nat -A squid -d ip-of-website-to-permit -j ACCEPT >>> in your list of bypasses. >>> >>> Amos >>> >>> >>> >> > > > -- > Please be using > Current Stable Squid 2.7.STABLE6 or 3.0.STABLE15 > Current Beta Squid 3.1.0.7 > > -- View this message in context: http://www.nabble.com/Follow-up-question-from-Wiki...-%22how-do-I-configure-Squid-not-to-cache-a-specific-server-%22-tp23407536p23463186.html Sent from the Squid - Users mailing list archive at Nabble.com.