LinuxQuestions.org


banker_09 02-26-2009 08:55 AM

single ip bypass squid caching server
 
Yes, I have squid 3.0.STABLE13-1.fc9.1386 running as a transparent caching server, not using it as a proxy as my company has a separate content filtering box. I have a single IP 192.168.1.234 that needs to bypass the caching server... When I say bypass, I mean it has to go through the caching server but any info from that IP can't be cached or seen in logs due to a privacy contract. I'm researching iptables to see if it can be done this way but no luck yet.

Any help is appreciated.

osdeals 02-26-2009 09:41 AM

If the IP goes through squid, objects requested will be fetched by squid. Hence, obviously all caching / logging rules will be followed, since caching and logging rules are global to squid and, as far as I know, cannot be made specific to source.

Considering that you want anything requested by the IP to neither be cached nor be logged, it would be best for that IP to bypass squid altogether. So, if you've configured squid as a transparent cache, you most probably have a line in your iptables that redirects all traffic to port 80 (and also perhaps 443) to port 3128 of the squid host.

You would only need to make sure you write iptables rules for traffic from that ip to not be redirected to squid. (i.e.: the rules to allow that traffic through should simply be redirected to a separate chain, that allows it through unmodified.)

The other alternative is to disable caching altogether in squid and then also configure squid to redirect the logs to a program that filters out logs from that IP before writing to disk. This however defeats the entire purpose of having squid cache.

Do update on how you get along on this. I'm curious.
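
The exemption described in this reply, as an added example (not code posted in the thread): a nat-table ruleset with the bypass ahead of the redirect, plus a first-match check that the order in a rule listing really keeps the IP away from squid. The interface name `eth0` and the function names are assumptions; the IP and port 3128 come from the thread.

```shell
#!/bin/sh
EXEMPT_IP="192.168.1.234"   # client from the thread
SQUID_PORT=3128             # squid port named in the thread
LAN_IF="eth0"               # assumption: LAN-facing interface of the gateway

# Print a nat-table ruleset in iptables-restore format. The ACCEPT rule ends
# PREROUTING traversal for the exempt client, so its port-80 traffic is never
# rewritten to the squid port and squid neither caches nor logs it.
nat_rules() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i $LAN_IF -s $EXEMPT_IP/32 -p tcp --dport 80 -j ACCEPT
-A PREROUTING -i $LAN_IF -p tcp --dport 80 -j REDIRECT --to-ports $SQUID_PORT
COMMIT
EOF
}

# Read PREROUTING rules on stdin and walk them first-match for source $1.
# Exit 0 if port-80 traffic from $1 is NOT redirected, 1 if it is.
# Only exact /32 source matches are understood; a REDIRECT limited to some
# other source is conservatively treated as matching.
bypasses_squid() {
    awk -v ip="$1" '
        !/^-A PREROUTING / || !/--dport 80 / { next }
        {
            neg = index($0, "! -s " ip "/32 ")          # rule excludes ip
            pos = !neg && index($0, "-s " ip "/32 ")    # rule targets ip
        }
        /-j REDIRECT/ && !neg        { rc = 1; exit }   # redirect reached first
        /-j (ACCEPT|RETURN)/ && pos  { rc = 0; exit }   # exemption reached first
        END { exit rc + 0 }
    '
}

# Self-check on the generated ruleset; touches no live firewall state.
nat_rules | bypasses_squid "$EXEMPT_IP" && echo "exempt: $EXEMPT_IP"
```

On the gateway itself, the listing to feed into the check is the output of `iptables -t nat -S PREROUTING`.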

banker_09 02-27-2009 09:13 AM

osdeals,

I agree with what you are saying. Though I am not new to Linux, I have not mastered iptables, so I will look at the options and see if I can have it just stay on port 80 and go right on through. Any help on the iptables command is appreciated and I thank you for your help. Well, off to the web and man pages...

