At 17:04 14.02.00 -0800, Mick Hanna wrote:
>what i wish to do is make the 3 client connect directly with the apache
>server via squid and all other web requests to go out to the internet.
This is a contradiction in itself. "Via" is not "direct". Your clients
can connect either directly or via Squid.
>i use the never_direct directive as such:
>acl mydomain dstdomain mydomain.net
>never_direct deny mydomain.net
>never_direct allow all
>
>thing seem to be working but upon looking at the apache_access log, i see
>that the requests from the local clients to the local apache server are
>getting logged as comming from frontier (the server itself)
>squid logs say the correct thing ie (coming from the clients ip addresses)
>this makes it hard to impliment apache auth stuff.
Both logs are correct as far as they go. Squid is a proxy, i.e.
it connects to the server on behalf of the clients. By
consequence, the server sees the requests as coming from Squid.
>if i edit the browsers bypass proxy for domain it logs correctly.
>but if i could do this from squid it would be cleaner :)
This is logically impossible. The only entity which can decide
whether the connection should be direct or via a proxy, is the
client. Squid only gets involved in a request if the client has
already decided to use it, i.e. *not* to connect directly to
the server. There is no way to make an indirect connection
direct after the fact.
What I'd recommend in this scenario is using a proxy auto-
configuration (PAC) script. This allows you to maintain your
clients' proxy settings centrally.
-- Tilman Schmidt E-Mail: Tilman.Schmidt@sema.de (office) Sema Group Koeln, Germany tilman@schmidt.bn.uunet.de (private)Received on Mon Feb 14 2000 - 03:33:10 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:51:12 MST