I have a constant problem with Host header forgery detection on squid doing
peek and splice.
I see this most commonly with CDN, Amazon and microsoft due to the fact
there TTL is only 5 seconds on certain dns entries im connecting to. So
when my client connects through my squid i get host header issues due to
the contstant dns changes at these destinations.
I have ready many things online but how do i get around this. I basically
want to allow certain domains or ip subnets to not hit the host header
error (as things break at this point for me ).
Any ideas ?
One example is
Yes my client and Squid use same DNS server, i have even setup my squid as
a bind server and tried that just for fun same issue. Fact is the DNS at
these places changes so fast (5 seconds) the dns response keeps changing/
I just need these approved destinations to make it through
squid-users mailing list