[squid-users] issue with multiple outgoing addresses for same source address
Amos Jeffries
squid3 at treenet.co.nz
Mon Jul 13 06:50:59 UTC 2015
On 13/07/2015 10:50 a.m., Jason Enzer wrote:
> 'm hardly a novice in squid (more of an initiate, actually) ... but it
> looks like you've got the deny rules backwards in examples 2 & 3. With
> they assumption that the first rule works fine, they should read:
>
> 2. http_access deny *ip2 inc3172*
>
> 3. http_access deny *ip3 inc3173*
>
> client still shows outgoing address from first acl statement... if i
> comment out the first acl the 2nd acl works and the outgoing address
> is what is expected.
>
The "myip" and "myport" ACLs were deprecated years ago due to unreliability.
Use "myportname" ACL type instead. That matches the actual listening
port Squid received on, not a lookup of its host IP(s).
Or you could use "localip" ACL type, which uses the IP from the TCP
connection arriving at Squid.
Amos
More information about the squid-users
mailing list