[squid-users] How can I forward most requests to another proxy, except a few domains?
Matthew H
Matthew at marrold.co.uk
Sun Aug 27 23:28:33 UTC 2023
Hi all,
I'm trying to use squid to proxy requests to another upstream proxy,
but a few domains should go direct rather than via a proxy.
I've set up squid with a config that I believe should work, but if I
try to access http://dialup.cutel.net I get a 403 from squid and don't
see any requests go out to the origin. Everything via the proxy works
as expected.
One possible issue is I'm using "intercept" mode, and a router with
DSTNAT rules to forward requests to the proxy; however some of the
documents state that NAT must be done on the squid box itself?
Thanks
Config below:
#debug_options ALL,2
debug_options ALL,0 85,2 88,2
# ACL definitions
acl localnet src 127.0.0.1
acl rfc_1918 src 10.0.0.0/8
acl rfc_1918 src 172.16.0.0/12
acl rfc_1918 src 192.168.0.0/16
acl protoweb src 100.80.13.0/24
acl direct_sites dstdomain dialup.cutel.net
# Listen directives
http_port 3128
http_port 0.0.0.0:8080 intercept
# Only allow localhost to access the squid management interface
http_access allow localhost manager
http_access deny manager
# Only allow private and Dial-Up clients to connect to proxy
http_access allow localnet
http_access allow rfc_1918
http_access allow protoweb
http_access allow direct_sites
http_access deny all
always_direct allow direct_sites
always_direct deny all
never_direct deny direct_sites
never_direct allow all
cache_peer wayback.protoweb.org parent 7851 0 default proxy-only
More information about the squid-users
mailing list