I have a rewrite rule so that any request for a list of apt repositories (acl dstdomain) are rewritten to instead go to my apt-cacher server, and then a "cache deny" rule to make sure squid doesn't cache files from these repositories. This seemed to be working fine but my latest attempt at a debian install kept failing because the gpg signature didn't match. It turns that that squid was actually caching these requests, which is the opposite of what I wanted as it meant that the sig and the file got out of sync (I guess apt-cacher doesn't return a proper indication of what is allowed to be cached and what isn't... so the sig was cached but the file wasn't, or something like that) It turns out that "cache deny <dstdomain acl>" is processed after the rewrite, and against the rewritten url, so I needed to also exclude requests for my server running apt-cacher. So for example: acl apt_repo dstdomain ftp.au.debian.org acl apt_cacher browser apt-cacher # apt-cacher itself cache deny apt_repo cache deny apt_cacher cache allow all but I needed to add: acl apt_repo dstdomain my.apt.cacher.server This is kind of obvious in retrospect, but is it described anywhere which rules apply against the url before it is rewritten and which are applied to the rewritten url? Thanks James _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users