On Wednesday 03 April 2002 20:25, Simon White wrote:
> never_direct deny acl_zone
>
> I never quite understood why there are both these declarations
First lets see what squid.conf.default says:
always_direct
Here you can use ACL elements to specify requests which should
ALWAYS be forwarded directly to origin servers.
NOTE: There is a similar, but opposite option named
'never_direct'. You need to be aware that "always_direct deny
foo" is NOT the same thing as "never_direct allow foo". You
may need to use a deny rule to exclude a more-specific case of
some other rule.
never_direct
never_direct is the opposite of always_direct. Please read
the description for always_direct if you have not already.
With 'never_direct' you can use ACL elements to specify
requests which should NEVER be forwarded directly to origin
servers.
The default state for both directives is deny. I.e. the request is
not forced to behave either way and Squid may choose the type of path
it thinks is most suitable for the request.
If both are allowed, then always_direct is given a higher precedence
than never_direct as this fits well for the most common situation of
using these directives.. (i.e. should never go direct, except for
these few sites where it should always go direct..)
The default is to use peers on cacheable requests only, and go direct
on requests known to not be cacheable such as POST or forced reloads.
There is also the related directives prefer_direct and
nonhierarchical_direct. See their descriptions in squid.conf.default
for details. There is also a post from me somewhere in the
squid-users archives explaining the full peer/path selection
algorithm.. (well, most of it anyway.. it is a somewhat complex
story)
Regards
Henrik
-- MARA Systems AB, Giving you basic free Squid support Customized solutions, packaged solutions and priority support available on requestReceived on Wed Apr 03 2002 - 16:12:27 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:20 MST