On 2024-02-27 12:38+1300, Amos Jeffries wrote: > On 26/02/24 06:52, Ed wrote: > > > > acl bad_foo req_header ICAPHEADER -i foobar > > cache_peer_access server_1 deny bad_foo > Assuming that an ICAP service is controlling whether the peers are to > be used that is the correct way. > > However, if you have an ICAP service controlling whether a peer can be > used consider having the ICAP service just send Squid the final > response. There is a relatively huge amount of complexity, both in the > config and what Squid has to do slowing the transaction down just for > this maybe-a-HIT behaviour. Yes, it would be best if the traffic wasn't there sometimes :) > Alternatives to "cache_peer_access .. deny bad_foo" are: > ... > B) "miss_access deny bad_foo", I think your suggestion of B suits best, thank you very much as that saves me using multiple cache_peer_access lines. Something didn't feel right with what I was doing, and asking for an alternative was the right thing to do. Many thanks, Ed _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx https://lists.squid-cache.org/listinfo/squid-users
