[squid-users] allways_direct SSL

j.emerlik j.emerlik at gmail.com
Fri Apr 6 08:02:43 UTC 2018


On Thu, Apr 5, 2018, 23:44 Amos Jeffries <squid3 at treenet.co.nz> wrote:

> On 06/04/18 08:56, j.e. wrote:
> > (squid 3.5) I have in my config acl for some domains like:
> >
> > acl mydomains dstdomain "/usr/local....."
> >
> > and
> >
> > cache_peer_access 10.10.x.x allow mydomains
> >
> > so all http traffic to domains from my list is forwarded (port 80) to
> > another squid and that's works correct but only for port 80, traffic to
> > port 443 does work probably because there in config is set:
> >
> > allways_direct allow SSL_ports
> >
> > and forwarding to my another squid not working.
>
> How is your cache_peer directive setup?
>
> It is more likely because your peer is not setup to receive HTTPS
> traffic, so the "mydomains" stuff is not going where you may think.
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users


Thx for response , below part of my config :

cache_peer 10.10.x.x parent 31281 0 proxy-only no-tproxy

acl mydomains dstdomain "use/local....."

cache_pee_access 10.10.x.x allow mydomain

never_direct allow mydomain

peer_connect_timeout 5 seconds




>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180406/918e5bd5/attachment.html>


More information about the squid-users mailing list