Parent Proxy and direct traffic

[<jens.altrock@xxxxxxxxxxx>]

Hi!

 

I got a little Problem:

 

We have a proxy server that should route special requests to a parent proxy and forward the rest tot he standard gateway. I haven’t found any suitable and working configurations, so I’m asking ehre for help. My configuration so far:

 

acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)

acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)

acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)

acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines

acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)

acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)

acl localnet src fc00::/7 # RFC 4193 local private network range

acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

 

acl SSL_ports port 443 8443

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 # https

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl CONNECT method CONNECT

acl alwayspeer dstdomain EXAMPLE.COM:777

 

cache deny all

cache_peer PARENT_PROXY_SRV parent 8080 7 proxy-only no-query

cache_peer_access PARENT_PROXY_SRV allow alwayspeer

 

#http_access deny !Safe_ports

#http_access deny CONNECT !SSL_ports

 

http_access allow localhost manager

http_access allow all Safe_ports

http_access allow all SSL_ports

never_direct deny alwayspeer

always_direct allow all

#never_direkt allow all

#always_direct allow all

http_access deny all

 

include /etc/squid/conf.d/*

http_access allow localhost

http_access deny all

 

http_port 3128

cache_dir ufs /var/spool/squid 100 16 256

coredump_dir /var/spool/squid

refresh_pattern ^ftp:                           1440       20%        10080

refresh_pattern ^gopher:       1440       0%         1440

refresh_pattern -i (/cgi-bin/|\?) 0           0%         0

refresh_pattern .                  0            20%        4320

cache_effective_user proxy

cache_effective_group proxy

dns_v4_first on

 

Problem ist hat direct traffic is working, but he doesn’t redirect EXAMPLE.COM:777 to the correct Proxy server.

 

In the access.log I only see:

 

1627297417.299  31535 CLIENT_IP NONE/503 0 CONNECT EXAMPLE.COM:777 - HIER_NONE/- -

 

any help and tips appreciated. Thanks so far.

 

Regards,

 

Jens

Wichtige Hinweise für Mitteilungen an die Stadtverwaltung Neustadt an der Weinstraße finden Sie unter www.neustadt.eu/kontakt.

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users