Because the acl check in tcp_outgoing_* belongs to the "quick" class,
which cannot wait for external lookups such as DNS to complete.
To get around this you can make bogos http_access rules which forces
Squid to look up the required information, for example the following to
force a DNS lookup of the destination IP
acl nowhere dst 0.0.0.0/32
http_access deny nowhere
at the top of squid.conf.
Regards
Henrik
Massimiliano Cuzzoli wrote:
>
> Hello everybody,
> a useful feature of SQUID 2.5 is the "tcp_outgoing_tos" directive, that
> allow you to mark outgoing IP packet with a specific TOS field.
>
> I have tried to associate this directive with an ACL's type "dst" as below:
>
> acl EXAMPLE1 dst 66.216.68.0/24
> tcp_outgoing_tos 0x30 EXAMPLE1
>
> Sniffing packets, I have observed that packets belonging to the first
> TCP connection pass with a wrong TOS (0x00) and others with a right TOS
> (0x30)
>
> Is there anybody that can tell me why?
>
> Bye!!!
>
> Massimiliano
Received on Fri Mar 28 2003 - 15:12:07 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:25 MST