ons 2007-01-10 klockan 00:30 -0800 skrev zulkarnain: > Is it possible to configure tcp_outgoing_address to be > able to select ip address based on "dst" acl type > matches?
Yes, but there may occasionally be a false results if the dst is not yet in the ipcache DNS cache. To minimize this evaluate an dst acl in http_access as well. acl do_dns_lookup dst 0.0.0.0/0 http_access deny do_dns_lookup !all before where you allow access. Even with this there may occasionally be a false result if the ipcache DNS entry expires between http_access and where the request is forwarded, but for most time it should work. Regards Henrik
signature.asc
Description: Detta är en digitalt signerad meddelandedel
