On Tue, 27 Dec 2011 10:22:22 +0100, Paolo Supino wrote:
Hi
My Squid proxy (squid-2.6.STABLE21) is the first proxy part of
hirarchy that clients on the network hit. I have client on the LAN
that is having problems with one of the upstream proxies when
accessing a specific web server on the internet (I have no control of
the upstream proxy). I want to let that specific client bypass the
proxy hirarchy when accessing that specific web server.
I've tried to setup 2 acls: "acl src_client src 192.168.1.88" and
"acl
dst_server dstdomain www.example.com" and then put both acls in the
same always_direct rule: "always_direct allow src_client dst_server",
but it didn't work (though it didn't complain about the
misconfiguration...). I was hoping that always_direct will work the
same way that http_access works and accept multiple acls.
It does.
How can I setup Squid to always_direct from a specific host to a
specific server?
You misunderstand the directives meaning.
"DIRECT" access is the term for Squid using a DNS lookup to fetch the
response data from one of the DNS listed origin servers. "always_direct
allow" forces Squid to always use DNS (DIRECT access) in such a way,
ignoring any cache_peer directives you may have configured to pass
traffic to upstream/parent or sibling proxies.
To bypass the Squid hierarchy you must alter the PAC script, or
interception (NAT, WCCP) rules you are using to pass requests to Squid.
Amos
