LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 02-26-2009, 09:55 AM   #1
banker_09
LQ Newbie
 
Registered: Feb 2009
Posts: 4

Rep: Reputation: 0
Angry single ip bypass squid caching server


Yes, I have squid 3.0.STABLE13-1.fc9.1386 running as a transparent caching server, not using it as a proxy as my company has a separate content filtering box. I have a single ip 192.168.1.234 that needs to bypass the caching server... When I mean bypass i mean it has to go through the cachign server but any info from that ip can't be cached or seen in logs do to a privacy contract. I'm researching iptable to see if it can be done this way but no luck yet..

Any help is appreciated.
 
Old 02-26-2009, 10:41 AM   #2
osdeals
Member
 
Registered: Jul 2006
Distribution: RHEL, CentOS, PuppyLinux, SuSe, Ubuntu, Debian
Posts: 59

Rep: Reputation: 15
If the IP goes through squid, objects requested will be fetched by squid. Hence, obviously all caching / logging rules will be followed, since caching and logging rules are global to squid and as far as i know, cannot be made specific to source.

Considering that you want anything requested by the IP to neither be cached nor be logged, it would be best for that IP to bypass squid altogether. so, if you;ve configured squid as a transparent cache, you most probably have a line in your iptables that redirects all traffic to port 80 (and also perhaps 443) to port 3128 of the squid host.

You would only need to make sure you write iptables rules for traffic from that ip to not be redirected to squid. (i.e.: the rules to allow that traffic through should simply be redirected to a separate chain, that allows it through unmodified.)

The other alternative is to disable caching altogether in squid and then also configure squid to redirect the logs to a program that filters out logs from that IP before writing to disk. This however defeats the entire purpose of having squid cache.

Do update on how you get along on this. I'm curious.
 
Old 02-27-2009, 10:13 AM   #3
banker_09
LQ Newbie
 
Registered: Feb 2009
Posts: 4

Original Poster
Rep: Reputation: 0
osdeals,

I agree with what you are saying, though I am not new to linux I have not mastered the iptables so i will look at the options and see what if i can have it just stay on port 80 and go right on through. Any help on the iptables command is appreciated and I thank you for your help.. WEll off to the web and man pages....
 
  


Reply

Tags
cache, log, proxy, squid


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
squid bypass some domains nima0102 Linux - Server 6 02-27-2009 04:40 AM
Squid - Bypass login for some sites lhqcxg1 Linux - Software 1 09-20-2007 07:45 PM
bypass traffic through squid sapheroth Linux - Networking 1 02-14-2007 02:59 AM
Squid / Apache as caching server for remote xml feeds jimchristy Linux - Software 0 08-02-2006 08:13 AM
Squid - Bypass login for some sites lhqcxg1 Linux - Newbie 0 02-04-2003 04:26 AM


All times are GMT -5. The time now is 08:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration