On 18/11/10 08:35, Chris Gallacher wrote:
Hello, I am experiencing issues when trying to configure Squid to bypass my companies parent proxy for local hosts. My configuration is as follows: (User Facing Proxy - Squid)<-> (Parent Proxy - Squid)<-> (Parent Proxy - Websense) Both of the Squid proxies are running squid-2.7.STABLE8 on Windows Server 2003 SP2 boxes. Config file for user facing proxy (Stripped to bare essentials for troubleshooting): ------------------------------------------------------------------------------------------------------------------ cache_peer parentproxy.mydomain.co.uk parent 8082 0 login=PASS connection-auth=on append_domain .mydomain.co.uk acl all src all acl localdomain dstdomain .mydomain.co.uk acl localip dst 10.0.0.0/8 always_direct allow localdomain always_direct allow localip never_direct allow all http_access allow all ------------------------------------------------------------------------------------------------------------------- When trying to access intranet.mydomain.co.uk I would expect Squid to match this request with the first, and if not the second, of the always_direct access lists and connect directly to the internal web server, presenting me with my companies main intranet page. Instead I am presented with a Websense "Page cannot be displayed" error, indicating that the request was in fact forwarded to the Squid parent proxy and then on to Websense. As you may have guessed I am new to Squid, and to Proxy servers in general. If anyone can provide advice regarding where I have went wrong with my configuration or which debug sections would best help me to understand how requests are being processed by Squid your assistance would be greatly appreciated.
That first line should be matching. IIRC "debug_options 28,3 44,3" will tell you what is going on.
You could also use these this instead of your never_direct line: cache_peer_access parentproxy.mydomain.co.uk deny localdomain cache_peer_access parentproxy.mydomain.co.uk deny localip never_direct allow !localdomain !localip Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.9 Beta testers wanted for 3.2.0.3
