-   Linux - Server (
-   -   Squid Forwarding? (

Stathis92 12-10-2008 01:26 PM

Squid Forwarding?

I've been searching for a way to make squid forward requests for certain sites, e.g. *, to another cache, but with no luck.

Can someone point me to something that might help me?

acid_kewpie 12-10-2008 03:04 PM

check out the never_direct directive

If you need to control which peers are used when, then you'd be wanting to use the cache_peer_access directive in conjunction with a suitable generic acl, presumably just a dstdomain one.

Stathis92 12-11-2008 04:09 AM

Tried that.
Maybe I'm doing something wrong.

Lets say I want to forward requests for, to the cache, and process all the other queries on itself-not directly, I need caching.

Can someone help? :(

acid_kewpie 12-11-2008 05:49 AM

well do your best and show us the config you've got. the code in the link i gave should really cover it.

Stathis92 12-12-2008 02:08 AM


Ive done this:


acl FWDZONE dstdomain
cache_peer X.X.150.71 parent 8080 0 no-query default
always_direct allow all
always_direct deny FWDZONE
never_direct allow FWDZONE

But it still directly processes all the queries including youtubes.
Btw, I am running Squid 3.0.

acid_kewpie 12-12-2008 03:05 AM

I'm not 100% sure, but i'm pretty sure that the always / never direct statements read top down just like http_access ones, so the always_direct allow all will be overriding the later ones.

Stathis92 12-12-2008 07:01 AM

Tried this, and still no difference.
Everything gets processed locally instead of get forwarded. :/


never_direct allow FWDZONE
never_direct deny all
always_direct deny FWDZONE
always_direct allow all

acid_kewpie 12-12-2008 07:44 AM

you still have the same scenario. 2nd line says that nothing is allowed to go via an intermediate route.

Stathis92 12-12-2008 01:45 PM



never_direct deny all
never_direct allow FWDZONE
always_direct allow all
always_direct deny FWDZONE

never_direct deny all
never_direct allow FWDZONE

Still nothing.
I've also tried removing that "no-query" from the cache_peer directive, but nothing.

acid_kewpie 12-12-2008 04:13 PM

ack.. you have "all" before "FWDZONE"... that's not going to work...

Stathis92 12-13-2008 03:17 AM


Originally Posted by acid_kewpie (Post 3373413)
ack.. you have "all" before "FWDZONE"... that's not going to work...

Ehm, yeah, but in every site I look into, including that link you gave me, the all statement is there.

It doesn't make sense, I mean it should be working now. :S

acid_kewpie 12-13-2008 05:11 AM

no it's not, it's there *AFTER* the more specific ones, not *BEFORE*


To force the use of a proxy for all requests, except those in your local domain use something like
acl local-servers dstdomain
acl all src
never_direct deny local-servers
never_direct allow all <--- AT THE END
or if Squid is inside a firewall and there is local intranet
servers inside the firewall then use something like:

acl local-intranet dstdomain
acl local-external dstdomain
always_direct deny local-external
always_direct allow local-intranet
never_direct allow all <--- AT THE END

All times are GMT -5. The time now is 02:33 AM.