mån 2010-08-02 klockan 04:11 -0700 skrev isaac: > Problem Solved! > > I've aksed this question in ServerFault and find a solution by just adding > these lines in squid.conf: > > > acl CONNECT method CONNECT > acl POST method POST > never_direct allow CONNECT > never_direct allow POST > > But i still don't understand this behaviour of squid: > > Why should we add these lines for CONNECT and POST method explicity while > GET method works correctly without such settings? > > Is this default behaviour of squid or what? Sounds like you should really have never_direct allow all What is happening is that Squid by default acts somewhat differently depending on if it thinks the response may be possible to cache. If it knows that the response won't be possible to cache then it selects the shortest possible path to retrieve the requested object which is going direct unless forbidden. CONNECT/POST/etc (most non-HEAD/GET) can never be cached. GET/HEAD depends on a number of factors. There is many kinds of GET requests as well which Squid will consider non-cacheable and go direct if allowed. The never_direct directive is what you use to tune this when you need requests forwarded even if it's worthless from a cache perspective. never_direct tells Squid that it is not allowed to go direct and MUST forward requests to a peer (usually parent peer). Used for example if you are behinda firewall without direct connectivity, or otherwise MUST use a parent proxy. Regards Henrik