[squid-users] unsure of one acl in squid.conf

From: pat lendon <plendon@dont-contact.us>
Date: Mon, 27 Aug 2001 17:29:18 -0400

Hi all,

I'm unsure of an acl.

We have 18 remote squid servers that use one server as a parent.
cache_peer xx.xx.x.xxx parent 3128 3130 no-query default
login=hostname:xxxxxx

All is working fine, but I'm not clear on why I previously listed the
one acl. I've listed the acl's and my understanding of what is
happening.

I would like to ensure that all requests from remote proxies first check
their own cache and if not cached, then forward to the parent squid,
then off to Internet.

acl parent_proxy url_regex ~http://xx.xx.x.xxx (IP of system with parent
proxy)
acl local_proxy src xx.xx.x.xxx (IP of system with local proxy)
acl FTP proto FTP
acl passwd proxy_auth REQUIRED

never_direct allow all (means all requests must go thru parent, not
direct to Internet)
http_access allow local_proxy (unsure what this acl does, does it mean
that Squid will first check the local squid server's cache and if not
found, always go to parent proxy?)
always_direct allow parent_proxy (always go to parent proxy)
http_access allow passwd (require password)
http_access allow FTP (allow ftp requests)
http_access deny all (deny anyone that doesn't have a password).

Am I off on my understanding of above acl's?

Also, the config is set to require passwords. Is it also possible to
block requests from any other server except local server - and then the
requests for the local server must require password? I'm not sure what
acl is needed for this.

Thank you so much for all of your recent responses.

-pat
Received on Mon Aug 27 2001 - 15:42:33 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:56 MST