On Thursday 22 November 2001 08.25, khiz code wrote:
> if the client browser does not send a host -header will squid be able to
> identify the origin server and proxy the request to it
> the origin server ip is anyhow present in the IP packet dest IP address
> field isnt it
Correct, provided Squid knows about the method used for redirecting the
traffic.
> in this case of a transparent proxy is there any need in the first place
> for squid to do DNS lookups on the client requests ..this should save some
> time for the DNS lookups isnt it ??? coz when the packet comes to squid the
> DNS lookup has already been done by the client browser isnt it
> TIA
For security reasons Squid then would need to cache objects on their IP +
Host header, or else your users could easily pollute the cache by for example
connecting to the IP of a porn site, and sening a host header of your users
favorite news paper...
because of this complexity, Squid does not trust the client IP resolver when
connecting to named servers.
-- MARA Systems AB Giving you basic free Squid support Priority support or Squid enhancements available on requestReceived on Thu Nov 22 2001 - 01:23:39 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:25 MST