Hello Colin,
Sunday, February 17, 2002, 1:58:41 PM, you wrote:
>> Disable cache_peer and restart squid - everything is fine again.
>>
>> I have not enabled always_direct.
>> I have not enabled never_direct.
CC> You must. You need something like:
CC> acl bigmilky dstdomain .milkyway.hom
CC> acl bigantares dstdomain .antares.hom
CC> always_direct allow bigmilky
CC> always_direct allow bigantares
CC> never_direct allow all
CC> That will cause your squid to go direct to any servers in the milkyway.hom
CC> or antares.hom domains and go via your parent for anything else.
Thank you - that worked.
I can now enable cache_peer yet go directly to the local
webserver by ipaddy.
However, when I stop squid here's an error message that I see:
Executing /etc/rc.d/init.d/squid stop ..
Stopping squid: 2002/02/17 19:51:42| squid.conf line 1182: never_direct allow all
2002/02/17 19:51:42| aclParseAccessLine: ACL name 'all' not found.
2002/02/17 19:51:42| squid.conf line 1182: never_direct allow all
2002/02/17 19:51:42| aclParseAccessLine: Access line contains no ACL's, skipping
Here's my ACL per suggestion:
acl bigmilky dstdomain .milkyway.hom
acl bigantares dstdomain .antares.hom
always_direct allow bigmilky
always_direct allow bigantares
never_direct allow all
I'm very new to ACLs and when I screw it up it affects
everything and it's confusing to identify who owns the problem
so thanks again for such an explicit example.
On a related subject - is it true that everything will fail
if my local DNS is down or the workstation in either fakedomain
does *not* have a fully forward/reversible address?
So I need to populate my zone files with at least an entry
for each machine in both fakedomains? And preferribly go ahead
and populate all addresses so that if I enable DHCP it will still all
work?
Received on Sun Feb 17 2002 - 22:09:52 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:25 MST