03-Apr-02 at 13:14, Michael R. Wayne (wayne@staff.msen.com) wrote :
>
> Squid Cache: Version 2.3.STABLE4
>
> I am trying VERY hard to force requests to fdl.msn.com to go direct
> but squid is not cooperating. In squid.conf, I have
>
> acl ZONE_1 url_regex fdl.msn.com
> no_cache deny ZONE_1
> #### fdl.msn.com has address 207.46.177.148
> acl ZONE_2 dst 207.46.177.148
> no_cache deny ZONE_2
> acl acl_zone dst fdl.msn.com
> always_direct allow acl_zone
Have you a corresponding
never_direct deny acl_zone
I never quite understood why there are both these declarations, but maybe
it's this:
always_direct is parsed, and then specific exceptions /could/ be handled by
never_direct
And, if never_direct is evaluated last, then it may cancel out the
always_direct... especially if you have never_direct allow all or
something like that.
That said, the example from squid.conf goes thus:
# acl local-intranet dstdomain foo.net
# acl local-external dstdomain external.foo.net
# always_direct deny local-external
# always_direct allow local-intranet
# never_direct allow all
Someone with a better knowledge of squid logical evaluation might be able
to answer better on this, but it couldn't hurt to try to put in a
never_direct as I suggested above.
STABLE6 is out, by the way.
Simon.
-- [Simon White. vim/mutt. simon@mtds.com. GIMPS:61.27% see www.mersenne.org] Hofstadter's Law states that projects take longer than expected, even when Hofstadter's Law is taken into account. [Linux user #170823 http://counter.li.org. Home cooked signature rotator.]Received on Wed Apr 03 2002 - 11:26:03 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:20 MST