On Mon, Jan 06, 2003 at 06:37:25AM +0100, Henrik Nordstrom wrote:
> Sam Carleton wrote:
> >
> > Folks,
> >
> > I hve configured squid as a transparent proxy. The
> > configuration is simple. There is one firewall which is where
> > the squid proxy is running. The firewall has three NIC's:
> > Internet, Server (172.16.0.0/24), Private (192.168.0.0/24).
> >
> > The firewall is NetBSD 1.6. The transparent proxy is
> > configured vi re-routing traffic on port 80 that is coming in
> > from the private network to port 3128 of the firewall/squid
> > machine:
> >
> > rdr ex0 0/0 port 80 -> 192.168.0.1 port 3128 tcp
> >
> > I need to find a way so that squid does NOT cache anything on
> > the server network (172.16.0.0/24). Not knowing how to modify
> > the rdr rule, I added the following to my squid.conf but with
> > no avail. Can someone enlighten me, PLEASE?
> >
> > acl server_network src 172.16.0.0/24
> > no_cache deny server_network
>
> Hmm.. are you trying to exclude your own servers from beeing cached when
> accessed by your clients, or trying to allow your servers to bypass the
> cache when going to the Internet?
>
>
> If the first then
>
> acl server_network dst 172.16.0.0/24
>
>
> In both cases, excluding the server network from the redirection is the
> best approach unless you also want to have the requests logged by Squid.
Henrik,
I am trying to exluce my servers from being cached when
accessed by my clients.
I would LOVE to know how to exclude the server network from the
redirection, but don't have a clue as to how to do that If my
understanding if the ipnat rule is correct, it is redirecting
anything neading for the gateway on the 192.168.0.0/24 (ex0)
network. The servers are only accessable through that gateway.
How do I write a ipnat rule that excludes traffic heading to the
172.16.0.0/24 (ex1) network?
Sam
Received on Mon Jan 06 2003 - 04:34:46 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:28 MST