I just tested your WPAD script using the wonderful "pactester" and it seems fine - it returned DIRECT/PROXY exactly as you intended. ie there's nothing wrong with that WPAD You say the clients seem to be going through the proxy for even internal hosts? So that smells like WPAD being fundamentally broken - which doesn't correlate with the above test result. So look again with a packet sniffer. Bring up wireshark on a client and start the browser, go to an internal site, stop the sniffer and review the download of the WPAD file. I assume you are relying on DNS to point client at the WPAD, but could you be a Windows shop and you've forgotten you also had WPAD via DHCP and that points at a different/old WPAD file (ie one without exceptions)? Also test with Firefox: it has the "purest" WPAD support IMHO. If it works in Firefox and not in MSIE/Chrome, then it's not a WPAD problem (I'm not sure about me mentioning Chrome, it's just that I know Google designed Chrome to use the same OS settings that MSIE does when it can - so any bug/issue with those libraries could affect Chrome if they affect MSIE) -- Cheers Jason Haar Corporate Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
