Thanks. Still not working. append_domain adds the domain as expected but still the request is being passed to the upstream cache (outside our net) which has no knowledge of our hosts, qualified or not.
So always_direct is set as follows
acl local-sites dstdomain .domain.com.au always_direct allow local-sites
But it makes no difference.
As the always_direct directive is after the proxy-auth directives in squid.conf, I tried moving it to before that section, so it is now near the start of the config (I am guessing). No difference.
So immediately after the always_direct I added http_access allow local-sites
That had the (incidentally desirable) effect of stopping the username/password prompt occurring when the browser starts, but still the request was passed to the upstream proxy and failed as before.
I can see that always_direct is the setting but it seems to be being ignored.
Thoughts?
Thanks
Rolf.
See append_domain and always_direct directives.
Regard Henrik
Rolf wrote: > > hello > > I'm having trouble with configuring squid (2.5stable1) to handle internal, > 'intranet' addresses which are not fully qualified. > > Squid currently is setup to do proxy_auth with active directory group > membership as an additional requirement. This is all working fine. > > When I start the browser it is configured to go to an address of the form > http://info/ or http://intranet/dev or similar. > > Initially it failed with a dns unresolvable error generated bby the > upstream (ISP) proxy. Not at all surprising as that cache has no knowledge > of our internal dns, where 'info' as a hostname is resolvable. > > So I tried adjusting the cache config to not let such urls go upstream. In > fact I'd just like them to go direct. But this didn't work: > > acl info url_regex ^http://info/.* > always_direct allow info > > I then tried cache_peer_domain with a !info parameter but then I got an > error saying 'unable to forward request at this time', so I don't think > that's it. > > What do I have to set such that unqualified hostnames (and urls that are > qualified with our own domain) in urls are sent straight from the proxy to > the host specified (a webserver on the same LAN as the proxy)? > > Is is related that when the browser starts it asks for authentication (a la > proxy_auth as above) and once done, ignores the always_direct directive? > > Many thanks > > rolf.
