[squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

Yuri Voinov yvoinov at gmail.com
Wed Sep 16 16:36:50 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
Hm.

If I understand correctly, the right configuration must be:

# Privoxy+Tor access rules
never_direct allow CONNECT
never_direct allow tor_url

# Local Privoxy is cache parent
cache_peer 127.0.0.1 parent 8118 0 no-query no-digest default

cache_peer_access 127.0.0.1 allow tor_url
cache_peer_access 127.0.0.1 deny all

Right?

But:

http://i.imgur.com/UMxt2vh.png

Is CONNECT always requires DIRECT?

I can't see FIRSTUP_PARENT for CONNECT in access log:

1442419630.962 168084 127.0.0.1 TAG_NONE/200 0 CONNECT
torproject.org:443 - HIER_DIRECT/154.35.132.70 -
1442420935.127 168180 127.0.0.1 TAG_NONE/200 0 CONNECT
torproject.org:443 - HIER_DIRECT/38.229.72.16 -

Because of IP's banned by ISP, direct CONNECT got timeout.

Also, all rot_url ACL can't connect.

Where I'm wrong?

16.09.15 22:03, Amos Jeffries пишет:
> never_direct allow CONNECT

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJV+ZqiAAoJENNXIZxhPexGlFMIAKQ8dcxLXW8fJ8Os9WDHLdtI
RgVcJJvMxGq7VaSPiHIfZA3vV5//8ceg6kYJsP1rNckdsAyuaOsJlOlw3ammTjpR
zmLh/FKKAk8VG1S1npYnrlpcTUnbNf4O4vM+N2vEnQvdizNlhswhaXvgfc0/lrWV
Redi+jmGwBkPbiN8npwz6Xe0VbC3PMGwB4VefqCS8TN3z3Y2ABTTwJ4nMyUPuKIo
G4zdS9utXcnsqxhyIz7WIj9hVRfn2Jkl5SiWhyccqyELt4LwBJ0SMadGvDifA+Gg
ulQnJjXn+xSOdpmGN1HcYXqMgl0MoPGe+RpcxYAYJcwJfDd1llN7KyS6lYPmNJo=
=BIrI
-----END PGP SIGNATURE-----




More information about the squid-users mailing list