On 03/06/11 20:26, Nuno Fernandes wrote:
On Friday 03 June 2011, Amos Jeffries wrote:
On 03/06/11 10:46, E.S. Rosenberg wrote:
If you want them to have a direct connection to the internet you could
use always_direct (or never_direct) (which also exists in squid 2.x).
Something like this:
acl servers src [ips/fqdns]
acl direct_sites {dst|dstdomain} {ips/fqdns|fqdns/domains}
always_direct allow servers direct_sites
This is not relevant. always/never_direct only determin if cache_peer is
used. It has no effect on bypassing Squid as implied above OR cached
content being served up as originally asked.
Regards,
Eli
2011/6/2 Nuno Fernandes:
Hello,
Is it possible with squid 3.1 to have some kind of acl so that cached
content doen't get served so some client machines.
If the client wishes to use the slow route to the origin, replacing all
cached content along the way, it sends "Cache-Control: no-cache" in its
request headers.
Please explain why you want to force some clients to use the slowest
most inefficient and wasteful source for data? All the possible reasons
I'm aware of have far better ways to achieve.
Ok.. let me explain..
In the scenario squid -> dansguardian -> squid (cache), the second squid
instance only does caching while the first does all the acl and auth work.
I want to remove the second instance of squid and send the dansguardian
requests back to the first instance for internet fetching and caching.
The answer then is simple. Enable caching on squid1 and remove squid2
entirely from the setup. Squid1 will fetch things from DG. DG fetched
from wherever globally it need to.
Only non-cached content will be fetched through DG. The DG denial page
will be cached when things are blocked. So you you only test a URL with
DG once.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.12
Beta testers wanted for 3.2.0.8 and 3.1.12.2
