On Wed, Dec 11, 2013 at 11:12:47AM +0000, Stephen Borrill wrote: > > In the absence of this bug being fixed, is there a workaround besides > remove all except for one cache_peer? > I worked around it by, effectively, doing: acl domlist dstdomain .bbc.co.uk acl iplist dst 123.123.123.123/32 cache_peer_access prox1 allow Safe_ports iplist cache_peer_access prox1 deny domlist cache_peer_access prox2 allow domlist cache_peer_access prox1 allow all cache_peer_access prox2 deny all As long as the IP is explicitly allowed before any deny rules then it will work. -- Brett Lymn This email has been sent on behalf of one of the following companies within the BAE Systems Australia group of companies: BAE Systems Australia Limited - Australian Company Number 008 423 005 BAE Systems Australia Defence Pty Limited - Australian Company Number 006 870 846 BAE Systems Australia Logistics Pty Limited - Australian Company Number 086 228 864 Our registered office is Evans Building, Taranaki Road, Edinburgh Parks, Edinburgh, South Australia, 5111. If the identity of the sending company is not clear from the content of this email please contact the sender. This email and any attachments may contain confidential and legally privileged information. If you are not the intended recipient, do not copy or disclose its content, but please reply to this email immediately and highlight the error to the sender and then immediately delete the message.