Using iptables to bypass squid proxy for a specific domain
We're running SmartFilter (an Internet content filter) on RedHat Linux Enterprise and squid. Traffic is directed to our proxy from our member schools through a variety of means (router policy based rules, Windows profiles, firewall appliance proxy configurations).
There are a few destination sites that do not work well when traffic goes through our proxy so we would like to bypass squid totally for specific domains (IPs).
The iptables line redirecting traffic to squid is:
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-port 3128
After MUCH research, we have tried placing the line below just ahead of it in iptables.
-A PREROUTING -p tcp -m tcp -d a.b.c.d -j ACCEPT
(where a.b.c.d is the destination domain we would like to bypass squid for.)
After editing iptables and restarting that service, web traffic to the a.b.c.d domain still shows up in /usr/local/squid/var/logs/access.log so traffic to a.b.c.d is still going through squid.
Ideas?
Thanks in advance!
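
As an added example (not part of the original post): a small offline checker that walks `iptables-save`-style text and reports which nat `PREROUTING` rule a TCP packet hits first, since a terminating target such as `ACCEPT` or `REDIRECT` ends traversal of that chain. The function names and the address 192.0.2.10 (standing in for a.b.c.d) are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the post): first-match walk over iptables-save text.
# 192.0.2.10 is a constructed stand-in for the post's a.b.c.d.

ruleset_bypass_first() {   # constructed sample: ACCEPT ahead of REDIRECT
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp -d 192.0.2.10 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-port 3128
COMMIT
EOF
}

ruleset_redirect_first() { # constructed sample: same rules, reversed order
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-port 3128
-A PREROUTING -p tcp -m tcp -d 192.0.2.10 -j ACCEPT
COMMIT
EOF
}

# first_match DEST_IP DPORT < rules
# Prints the target of the first nat/PREROUTING rule a TCP packet matches.
# Understands only -p, -m, -d (single address), --dport, -j, --to-port(s).
first_match() {
    awk -v dst="$1" -v dport="$2" '
        /^\*/ { table = substr($0, 2); next }   # table header: *nat, *filter
        table != "nat" || $1 != "-A" || $2 != "PREROUTING" { next }
        {
            ok = 1; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-p") { if ($(i+1) != "tcp") ok = 0; i++ }
                else if ($i == "-m") { i++ }    # names a match module only
                else if ($i == "-d") { a = $(i+1); sub(/\/32$/, "", a); if (a != dst) ok = 0; i++ }
                else if ($i == "--dport") { if ($(i+1) != dport) ok = 0; i++ }
                else if ($i == "-j") { target = $(i+1); i++ }
                else if ($i == "--to-port" || $i == "--to-ports") { i++ }
                else { print "UNSUPPORTED:" $i; found = 1; exit }
            }
            if (ok) { print target; found = 1; exit }
        }
        END { if (!found) print "NO-MATCH" }
    '
}
```

Piping the output of `iptables-save` from the running box into `first_match` shows which rule the loaded ruleset applies first, as opposed to the order in the edited file.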