Squid Forwarding?

Stathis92 · 12-10-2008, 12:26 PM

Hello

I've been searching for a way to make squid forward requests for certain sites, e.g. *.youtube.com, to another cache, but with no luck.

Can someone point me to something that might help me?

acid_kewpie · 12-10-2008, 02:04 PM

check out the never_direct directive http://www.visolve.com/squid/squid30...p#never_direct

If you need to control which peers are used when, then you'd be wanting to use the cache_peer_access directive in conjunction with a suitable generic acl, presumably just a dstdomain one.

Stathis92 · 12-11-2008, 03:09 AM

Tried that.
Maybe I'm doing something wrong.

Lets say I want to forward requests for .youtube.com, to the cache 10.0.0.20, and process all the other queries on itself-not directly, I need caching.

Can someone help?

acid_kewpie · 12-11-2008, 04:49 AM

well do your best and show us the config you've got. the code in the link i gave should really cover it.

Stathis92 · 12-12-2008, 01:08 AM

Right.

Ive done this:

Code:

acl FWDZONE dstdomain .youtube.com
cache_peer X.X.150.71 parent 8080 0 no-query default
always_direct allow all
always_direct deny FWDZONE
never_direct allow FWDZONE

But it still directly processes all the queries including youtubes.
Btw, I am running Squid 3.0.

acid_kewpie · 12-12-2008, 02:05 AM

I'm not 100% sure, but i'm pretty sure that the always / never direct statements read top down just like http_access ones, so the always_direct allow all will be overriding the later ones.

Stathis92 · 12-12-2008, 06:01 AM

Tried this, and still no difference.
Everything gets processed locally instead of get forwarded. :/

Code:

never_direct allow FWDZONE
never_direct deny all
always_direct deny FWDZONE
always_direct allow all

acid_kewpie · 12-12-2008, 06:44 AM

you still have the same scenario. 2nd line says that nothing is allowed to go via an intermediate route.

Stathis92 · 12-12-2008, 12:45 PM

Tried:

Quote:

never_direct deny all
never_direct allow FWDZONE
always_direct allow all
always_direct deny FWDZONE

and

Quote:

never_direct deny all
never_direct allow FWDZONE

Still nothing.
I've also tried removing that "no-query" from the cache_peer directive, but nothing.

acid_kewpie · 12-12-2008, 03:13 PM

ack.. you have "all" before "FWDZONE"... that's not going to work...

Stathis92 · 12-13-2008, 02:17 AM

Quote:

Originally Posted by acid_kewpie

ack.. you have "all" before "FWDZONE"... that's not going to work...

Ehm, yeah, but in every site I look into, including that link you gave me, the all statement is there.

It doesn't make sense, I mean it should be working now. :S

acid_kewpie · 12-13-2008, 04:11 AM

no it's not, it's there *AFTER* the more specific ones, not *BEFORE*

Code:

Example(s)
To force the use of a proxy for all requests, except those in your local domain use something like
acl local-servers dstdomain .foo.net
acl all src 0.0.0.0/0.0.0.0
never_direct deny local-servers
never_direct allow all <--- AT THE END
    
or if Squid is inside a firewall and there is local intranet
servers inside the firewall then use something like:

acl local-intranet dstdomain .foo.net
acl local-external dstdomain external.foo.net
always_direct deny local-external
always_direct allow local-intranet
never_direct allow all <--- AT THE END