I'm using squid in a chain with proxies.
Momentarly is the internal proxy a tasksmart appliance which i would replace with a squid proxy.
We are using this chain because the middle server is a virus scanner.
For the moment this is our solution:
client -----> tasksmart -----> virusscanner -----> external (viruswall) proxy (squid)
now i would change the configuration with a special need.
client -----> internal -----> virusscanner -----> external proxy (squid) (viruswall) proxy (squid) \ / \bypass the virusscanner / for some domains
10.10.x.0 10.10.10.30 10.10.10.7 10.10.10.29
This bypass is for domains which i don't need to scan the content about viruses. Or for some applications which do have a problem with the virus scanner (streaming)
I think the neighbor_type_domain should be the solution but it doesn't work.
And i didn't find my mistake.
I made following entries in the squid.conf File. The IP addresses arent the original one as used in the office.
cache_peer 10.10.10.7 parent 8080 0 no-query cache_peer 10.10.10.29 parent 8080 3130
neighbor_type_domain 10.10.10.29 sibling .foo.ch .ch
#hierarchy_stoplist cgi-bin ?
acl local-intranet dst 10.10.0.0/16 acl local-external dst 10.10.10.0/24 always_direct deny local-intranet always_direct allow local-external never_direct allow all
prefer_direct off
The host 10.10.10.7 didn't know icp. I tried a lot of configuration examples but none worked. The internal squid uses always the server 10.10.10.7. And i didn't want open the internal proxy for direct requests.
Is there a solution for this?
-- Gruss Adrian Senn
-- |p mbox: [EMAIL PROTECTED] _ | |g mbox: [EMAIL PROTECTED] ASCII ribbon campaign ( )| |www: <http://www.senn.ch/> - against HTML email X | | <http://www.cevinet.ch/> & vCards / \|
