[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: [K12OSN] squid no_cache statement



On Tue, 19 Feb 2002, Mark Orenstein wrote:

>Hi Eric,
>
>Thanks once again.  However, I'm a little confused.  From reading, I thought
>that always_direct had to do only with bypassing proxy peering (which we
>don't use).  I thought that squid always checked its local cache first and
>if it had a hit, then it would not go to either a peer or direct.  That's
>why I was looking at no_cache.  The requirement for the application that we
>will be using is that its pages are always retreived from its site rather
>than any cache.
>
>Mark Orenstein
>East Granby, CT School System


Oh, sorry... you're right I cut-n-pasted the wrong example.

Define the ACL the same way, then deny caching for it with no_cache. 
For example:

	acl hotmail dstdomain .hotmail.com
	no_cache deny hotmail

-Eric

>-----Original Message-----
>From: k12osn-admin redhat com [mailto:k12osn-admin redhat com]On Behalf
>Of Eric Harrison
>Sent: Monday, February 18, 2002 9:42 PM
>To: Mark Orenstein
>Cc: k12osn redhat com
>Subject: Re: [K12OSN] squid no_cache statement
>
>
>On Mon, 18 Feb 2002, Mark Orenstein wrote:
>
>>We've been using squid for a couple of years (squidGuard for a few months).
>>Now a requirement has come up to bypass the cache for about 6 URLS or a
>>range of IP addresses.  I see a no_cache section in squid.conf currently
>>having
>>
>>#acl QUERY urlpath_regex cgi-bin \?
>>#no_cache deny QUERY
>>
>>Can I just put the URL's into an ACL and use no_cache?
>>
>>For example,
>>
>>acl NEWAP urlpath_regex http://*.URL1.com http://*.URL2.COM ...
>>no_cache deny NEWAP
>>
>>Is it possible to put an IP address range into this type of ACL?
>>
>>Mark Orenstein
>>East Granby, CT School System
>
>This is covered by the FAQ:
>
>	http://www.squid-cache.org/Doc/FAQ/FAQ-4.html#ss4.19
>
>	For example, if you want Squid to connect directly to hotmail.com servers,
>	you can use these lines in your config file:
>
>	acl hotmail dstdomain .hotmail.com
>	always_direct allow hotmail
>
>As for using IP address ranges into ACLs, you'll find all of the different
>flavors of ACLs here:
>
>	http://squid.visolve.com/squid24s1/access_controls.htm#acl
>
>
>Since you stated that you are using squidGuard, also note that you have to
>take different precautions if the domains are in your blacklist databases.
>SquidGuard can manipulate the URL before squid sees it, so the squid ACLs
>won't have an affect if the site is blocked. In this case, you'll have to
>explicity remove the entry or explicity permit it.
>
>-Eric
>
>





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]