[squid-users] redirect IP request to special cache_peer

Amos Jeffries squid3 at treenet.co.nz
Wed Jun 1 10:38:43 UTC 2016 

On 1/06/2016 6:20 p.m., SLeipold wrote:
> Dear squid-users,
> 
> at first:
> thanks for adding me to your mailing list.
> My question is about the cache_peer configuration directive.
> 

First problem. No. Your question is about acces controls and ACL processing.


> In my config I have to use three cache_peer proxies:
> 
> To choose the cache_peer on the basis of the URL its responsible for I use
> the cache_peer_access directive and created a .txt-file with the allowed
> urls. This is working fine.
> 
> But when I request a IP address "http://1.2.3.4" this is not working. For
> example:
> 
> http://test.best works over the responsible cache peer
> http://1.2.3.4 isnĀ“t working


How exactly are you requesting a IP address?
Some tools will go directly to that IP instead of through the proxy.

If the request does go through the proxy. What is the http_port line
that received it?

Do you have any always_direct, preer_direct or never_direct lines in
your config?

> 
> The configuration looks the following:
> 
> acl parent1 url_regex -i "/etc/squid/parent1.txt
> 
> content of parent1.txt:
> ^http://test.best --> working
> ^http://1.2.3.4 --> not using the parent proxy and tries direct access.

You call the contents of the parent1.txt URLs. But you told Squid it
contains regex patterns to be matched against the actual URLs.

So its contents will only "work" if the entries you place in there are
valid regex patterns that also happen to match the effective-URLs of the
requests the proxy handles.

I suggest you use a dstdomain ACL type instead of url_regex. Then list
the domains that are expected to be handled by that peer.

Doing that will avoid problems with gettign teh regex correct, and
dstdomain is faster than regex.

> 
> cache_peer 10.1.2.3 parent 8080 name=parent1
> cache_peer_access parent1 allow parent1
> cache_peer_access parent1 deny all
> 
> Can you tell me where the fault is?

The problem is not clear from the details provided so far. The answer to
my earlier questsions above may provide more useful hints.

Amos

More information about the squid-users mailing list