LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   Squid Forwarding? (http://www.linuxquestions.org/questions/linux-server-73/squid-forwarding-689629/)

Stathis92 12-10-2008 01:26 PM

Squid Forwarding?
 
Hello

I've been searching for a way to make squid forward requests for certain sites, e.g. *.youtube.com, to another cache, but with no luck.

Can someone point me to something that might help me?

acid_kewpie 12-10-2008 03:04 PM

check out the never_direct directive http://www.visolve.com/squid/squid30...p#never_direct

If you need to control which peers are used when, then you'd be wanting to use the cache_peer_access directive in conjunction with a suitable generic acl, presumably just a dstdomain one.

Stathis92 12-11-2008 04:09 AM

Tried that.
Maybe I'm doing something wrong.


Lets say I want to forward requests for .youtube.com, to the cache 10.0.0.20, and process all the other queries on itself-not directly, I need caching.

Can someone help? :(

acid_kewpie 12-11-2008 05:49 AM

well do your best and show us the config you've got. the code in the link i gave should really cover it.

Stathis92 12-12-2008 02:08 AM

Right.

Ive done this:

Code:

acl FWDZONE dstdomain .youtube.com
cache_peer X.X.150.71 parent 8080 0 no-query default
always_direct allow all
always_direct deny FWDZONE
never_direct allow FWDZONE


But it still directly processes all the queries including youtubes.
Btw, I am running Squid 3.0.

acid_kewpie 12-12-2008 03:05 AM

I'm not 100% sure, but i'm pretty sure that the always / never direct statements read top down just like http_access ones, so the always_direct allow all will be overriding the later ones.

Stathis92 12-12-2008 07:01 AM

Tried this, and still no difference.
Everything gets processed locally instead of get forwarded. :/

Code:

never_direct allow FWDZONE
never_direct deny all
always_direct deny FWDZONE
always_direct allow all


acid_kewpie 12-12-2008 07:44 AM

you still have the same scenario. 2nd line says that nothing is allowed to go via an intermediate route.

Stathis92 12-12-2008 01:45 PM

Tried:

Quote:

never_direct deny all
never_direct allow FWDZONE
always_direct allow all
always_direct deny FWDZONE
and
Quote:

never_direct deny all
never_direct allow FWDZONE

Still nothing.
I've also tried removing that "no-query" from the cache_peer directive, but nothing.

acid_kewpie 12-12-2008 04:13 PM

ack.. you have "all" before "FWDZONE"... that's not going to work...

Stathis92 12-13-2008 03:17 AM

Quote:

Originally Posted by acid_kewpie (Post 3373413)
ack.. you have "all" before "FWDZONE"... that's not going to work...

Ehm, yeah, but in every site I look into, including that link you gave me, the all statement is there.

It doesn't make sense, I mean it should be working now. :S

acid_kewpie 12-13-2008 05:11 AM

no it's not, it's there *AFTER* the more specific ones, not *BEFORE*

Code:

Example(s)
To force the use of a proxy for all requests, except those in your local domain use something like
acl local-servers dstdomain .foo.net
acl all src 0.0.0.0/0.0.0.0
never_direct deny local-servers
never_direct allow all <--- AT THE END
   
or if Squid is inside a firewall and there is local intranet
servers inside the firewall then use something like:

acl local-intranet dstdomain .foo.net
acl local-external dstdomain external.foo.net
always_direct deny local-external
always_direct allow local-intranet
never_direct allow all <--- AT THE END



All times are GMT -5. The time now is 12:36 AM.