[squid-users] force squid to kill current connection after reconfigure
Alex Rousskov
rousskov at measurement-factory.com
Mon Aug 8 17:22:41 UTC 2022
On 8/8/22 12:13, Ahmad Alzaeem wrote:
> Sometimes we need to change the tcp_outgoing addresses acl .
>
> We edit it and reconfigure squid , but the current connection still work
> on the old ips of tcp_outgoing
The tcp_outgoing_address directive is applied to each forwarding attempt
(that needs to select a connection), not each network I/O:
* A current forwarding attempt should continue to use the old outgoing
addresses that was selected for it.
* A future forwarding attempt that uses a Squid-server connection
_pinned_ to the client-Squid connection should continue to use the old
outgoing addresses that was selected for that pinned connection. This
happens, for example, in many SslBump configurations.
* Other future forwarding attempts should obey new tcp_outgoing_address
directives. For example, they should not reuse persistent connections
that do not match new tcp_outgoing_address directives.
If you observe something that contradicts the above, please detail your
observations.
> Is there a way we can kill old sessions/connections in the old
> tcp_outgoing after applying reconfigure ?
Squid does not have a feature like this, but there are external tools
that can kill unwanted TCP connections. For example:
https://stackoverflow.com/a/55616004
HTH,
Alex.
More information about the squid-users
mailing list