[squid-users] bypassing the proxy for local atomic hostnames

From: Rolf <[email protected]>
Date: Thu, 03 Apr 2003 17:06:50 +1000

hello

I'm having trouble with configuring squid (2.5stable1) to handle internal,
'intranet' addresses which are not fully qualified.

Squid currently is setup to do proxy_auth with active directory group
membership as an additional requirement. This is all working fine.

When I start the browser it is configured to go to an address of the form
http://info/ or http://intranet/dev or similar.

Initially it failed with a dns unresolvable error generated bby the
upstream (ISP) proxy. Not at all surprising as that cache has no knowledge
of our internal dns, where 'info' as a hostname is resolvable.

So I tried adjusting the cache config to not let such urls go upstream. In
fact I'd just like them to go direct. But this didn't work:

acl info url_regex ^http://info/.*
always_direct allow info

I then tried cache_peer_domain with a !info parameter but then I got an
error saying 'unable to forward request at this time', so I don't think
that's it.

What do I have to set such that unqualified hostnames (and urls that are
qualified with our own domain) in urls are sent straight from the proxy to
the host specified (a webserver on the same LAN as the proxy)?

Is is related that when the browser starts it asks for authentication (a la
proxy_auth as above) and once done, ignores the always_direct directive?

Many thanks

rolf.
Received on Thu Apr 03 2003 - 00:03:39 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:37 MST