On Saturday 04 June 2011, Amos Jeffries wrote:
> On 03/06/11 20:26, Nuno Fernandes wrote:
> > On Friday 03 June 2011, Amos Jeffries wrote:
> >> On 03/06/11 10:46, E.S. Rosenberg wrote:
> >>> If you want them to have a direct connection to the internet you could
> >>> use always_direct (or never_direct) (which also exists in squid 2.x).
> >>> Something like this:
> >>> acl servers src [ips/fqdns]
> >>> acl direct_sites {dst|dstdomain} {ips/fqdns|fqdns/domains}
> >>> always_direct allow servers direct_sites
> >>
> >> This is not relevant. always/never_direct only determin if cache_peer is
> >> used. It has no effect on bypassing Squid as implied above OR cached
> >> content being served up as originally asked.
> >>
> >>> Regards,
> >>> Eli
> >>>
> >>> 2011/6/2 Nuno Fernandes:
> >>>> Hello,
> >>>>
> >>>> Is it possible with squid 3.1 to have some kind of acl so that cached
> >>>> content doen't get served so some client machines.
> >>
> >> If the client wishes to use the slow route to the origin, replacing all
> >> cached content along the way, it sends "Cache-Control: no-cache" in its
> >> request headers.
> >>
> >> Please explain why you want to force some clients to use the slowest
> >> most inefficient and wasteful source for data? All the possible reasons
> >> I'm aware of have far better ways to achieve.
> >
> > Ok.. let me explain..
> > In the scenario squid -> dansguardian -> squid (cache), the second
> > squid instance only does caching while the first does all the acl and
> > auth work.
> >
> > I want to remove the second instance of squid and send the dansguardian
> > requests back to the first instance for internet fetching and caching.
>
> The answer then is simple. Enable caching on squid1 and remove squid2
> entirely from the setup. Squid1 will fetch things from DG. DG fetched
> from wherever globally it need to.
>
> Only non-cached content will be fetched through DG. The DG denial page
> will be cached when things are blocked. So you you only test a URL with
> DG once.
DG doens't fetch content directly. It needs a parent proxy.
Even if it could, Only some users are bound to DG. If i cache the denial page,
all of the users would receive that.
Thanks,
Nuno Fernandes
>
> Amos
