On 08/27/2016 05:44 AM, Omid Kosari wrote: > Alex Rousskov wrote >> I recommend starting with something like this: >> >> http_reply_access deny all >> deny_info TCP_RESET all >> >> Does that reset all connections to Squid (after Squid fetches the reply)? > > Thanks for reply . > > As i mention before the deny_info works in other configs AFAICT, the examples you mentioned before were all wrong, for one reason or another. > for example > > acl test dstdomain 123.com > deny_info TCP_RESET test > http_reply_access deny test > > works fine and it only reset the connection without any additional headers . You have not mentioned the above example before AFAICT. I understand that it works for regular requests. Does it also work (i.e., does Squid reset the connection) when handling a non-HTTP request on port 80? > But if you looking for special purpose i will schedule a maintenance time > and do following config as you said . > > http_reply_access deny all > deny_info TCP_RESET all We can start with dstdomain if that is easier for you. I am surprised you are testing this on a live Squid though. It would be much easier to get it working in a lab first... Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
