[SQU] Squid without DNS

From: David Murphy <[email protected]>
Date: Wed, 21 Feb 2001 21:51:37 +0000

Hi All,
        I'm trying to set up a squid on a system which is inside a
split DNS setup, with no query forwarding - that is, the system on
which squid will run cannot do DNS queries to the internet [1].

I wish to set up squid on this system to act as a front-end to several
proxy caches which do have internet access.

Here's the relevant portion of my squid.con:
acl CONNECT method CONNECT
acl SSL_ports port 443 563
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl manager proto cache_object
acl password proxy_auth REQUIRED
anonymize_headers allow Accept-Encoding Accept-Language
anonymize_headers allow Allow Authorization Cache-Control
anonymize_headers allow Content-Encoding Content-Length
anonymize_headers allow Content-Language Mime-Version
anonymize_headers allow Content-Type Date Expires Host
anonymize_headers allow If-Modified-Since Last-Modified
anonymize_headers allow Location Pragma Accept
anonymize_headers allow Proxy-Connection
anonymize_headers allow Retry-After Title Connection
authenticate_program /usr/local/bin/ncsa_auth /usr/local/etc/squid.passwd
cache_access_log /var/squid/logs/access.log
cache_dir ufs /var/squid/cache 6144 16 256
cache_log /var/squid/logs/cache.log
cache_mem 64 MB
cache_peer 10.10.1.1 parent 3128 3130 no-query weight=10 default
cache_peer 10.11.1.1 parent 3128 3130 no-query weight=5
cache_store_log /var/squid/logs/store.log
http_access allow localhost
http_access allow manager localhost
http_access allow password
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_access deny manager
icp_access deny all
log_fqdn off
maximum_object_size 16384 KB
pid_filename /var/run/squid.pid
proxy_auth_realm Restricted access. If you do not have explicit permission to access this resource, disconnect now. Your connection attempt has been logged.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

$ squid -v
Squid Cache: Version 2.3.STABLE4

I'm also running squid with the -D option.
However, I still get 'unable to determine IP address' messages when I
try to make a request through squid. Is there something I'm missing?

[1] This is mandated by corporate network policy and cannot be
changed.

-- 
"Where am I supposed to find coelacanths at this time of day?"
"Process doesn't concern me. I'm a high level thinker."
http://www.goats.com/comix/0012/goats001213.gif
David Murphy - For PGP public key, send mail with Subject: send-pgp-key
--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Wed Feb 21 2001 - 14:56:16 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:07 MST