Re: Re[2]: [squid-users] reverse DNS by squid when using parent proxy

From: Squid Support (Henrik Nordstrom) <[email protected]>
Date: Sun, 17 Feb 2002 19:43:36 +0100

If you want to deny proxying then this has to be done outside Squid
(usually in the browser configuration). Squid has no control of what
reaches Squid, only how Squid will forward the request once it has
been accepted by Squid.

But I am not sure I understand yoru setup fully. What DNS servers are
you using, and how do the the relevant parts of your squid.conf look
like?

Regards
Henrik

On Sunday 17 February 2002 06.41, Cliff wrote:

> I'm seeing exactly this...I think.
> Squid gets slow and there's reverse lookups happening
> for my internal networks, which shouldn't leak out
> to the internet. Am I understanding the
> implications correctly?
>
> I don't want squid to proxy for both my internal networks
> only when the destination is the web server running on
> the same box.
>
> So how do I deny proxying for:
>
> eth1 DSL out to the wild
> eth0 192.168.1.x milkyway.hom
> eth2 192.168.2.x antares.hom
>
> when the requests are going to the same box?
> The local webserver is at .222 on both networks
> and solarwinds swears up and down that everything
> is fully forward/reversable - no errors on a DNS audit.
> 192.168.1.222 and 192.168.2.222 are the gateways on the same box.
> So there shouldn't be any need for squid to look outside for
> a name lookup even if I turn on FDQN logging, Right?
>
> Happen to have an example of 2 or more networks ACL?
> I'm lost and confused!
>
> Thanks.

-- 
MARA Systems AB, Giving you basic free Squid support
Customized solutions, packaged solutions and priority support
available on request
Received on Sun Feb 17 2002 - 11:59:14 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:25 MST