acl Internal dstdomain .trimple.co.nz
always_direct allow Internal
never_direct allow all
And check no dst's defined.
Regards,
Squid@Visolve.com
www.visolve.com
> I'm installing some new Squid servers on our LAN, and am trying to clean
up
> some minor niggles I've always had with our environment.
>
> We're behind a firewall, and cannot do DNS lookups on Internet hosts -
only
> internal addresses. The Squid servers are configured to go directly to
> internal trimble.co.nz addresses, and everything else should be redirected
> to our external Squid server - which does have Internet access.
>
> However, the internal Squid servers still do DNS lookups for the Internet
> addresses before passing the query off to the external server. I assume
> that's because I've got rules like:
>
> acl Internal dstdom trimble.co.nz 1.2.3
>
> meaning *.trimble.co.nz and 1.2.3.anything are internal addresses. I guess
> that Squid has to resolve any names in URLs it sees to see if they match
> 1.2.3?
>
> Anyway, I went through and removed any occurrance of IP addresses from
"dst"
> style acls, and yet the problem remains...
>
> Is there any other reason why Squid needs to lookup names when it already
> has enough info to go to the parent? After all, after doing the failed DNS
> lookup, it goes to the parent anyway - so why bother?
Received on Thu May 03 2001 - 01:23:07 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:47 MST