[squid-users] Website bypass with always-direct
Antony Stone
Antony.Stone at squid.open.source.it
Thu Dec 14 11:07:58 UTC 2017
On Thursday 14 December 2017 at 11:21:52, Jorge Bastos wrote:
> Alex,
>
> > > Ok, so what would be the directive to allow what i want to achieve?
> >
> > What do you want to achieve?
> >
> > Earlier, you implied that you do not want to see a request in Squid logs.
> > As Amos have said, Squid cannot "unsee" the transaction: Once the
> > transaction reaches Squid, Squid will handle it (forward, block, delay,
> > mangle, log, etc.). If you want Squid to not see a transaction, then all
> > the solutions will be outside of Squid and its directives. Please explain
> > what you want with this fact in mind.
>
> It's what I want,
> I thought squid would be able to do that bypass!
> I have to do it with iptables then,
1. What type of accesses do you want to avoid having in the Squid logs (and
incidentally, why - what's wrong with these requests going through Squid)?
2. The only way I can think of you being able to do this with Squid would be
to set up a hierarchy - one "front-end" Squid server which does no caching
(I'm assuming this is part of what you want to achieve), and then either does
"direct" accesses to the origin server (for the requests you don't want Squid
to process), or "parent" accesses to the "back-end" caching Squid server, for
the ones you are happy to go through Squid. You then regard the "back-end"
server as your "real Squid server" and treat the "front-end" machine as just a
way of routing the requests according to your rules.
3. Is the thing you are really trying to achieve "not having the requests show
up in Squid's log files" or "not being processed by Squid"? What's the reason
for whichever one this is - what is the problem with the way things are
working now which you are trying to solve?
Antony.
--
Python is executable pseudocode.
Perl is executable line noise.
Please reply to the list;
please *don't* CC me.
More information about the squid-users
mailing list