Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
i kinda thought it was self-explanatory... please elaborate...
Quote:
Tag Name always_direct
Usage always_direct allow|deny [!]aclname ...
Description
Here you can use ACL elements to specify requests, which should ALWAYS be forwarded directly to origin servers. This is mostly used while using cache_peer. See also never_direct . For Further reference on always_direct, please click here.
Default always_direct is by default deny.
Example
For example, to always directly forward requests for local servers use something like:
acl local-servers dstdomain .my.domain.net
always_direct allow local-servers
To always forward FTP requests directly, use
acl FTP proto FTP
always_direct allow FTP
Example for denying specific domain
acl local-external dstdomain .external.foo.net
acl local-servers dstdomain .foo.net
always_direct deny local-external
always_direct allow local-servers
Caution
There is a similar, but opposite option named ' never_direct'. You need to be aware that "always_direct deny foo" is NOT the same thing as "never_direct allow foo". You may need to use a deny rule to exclude a more-specific case of some other rule.
Tag Name never_direct
Usage never_direct allow|deny [!]aclname ...
Description
never_direct is the opposite of always_direct. Please read the description for always_direct if you have not already.
With 'never_direct' you can use ACL elements to specify requests, which should NEVER be forwarded directly to origin servers
When always_direct and never_direct are deny (By default), Squid selects based on the request type and a number of other factors if a parent should be used or not, and if a parent could not be reached it will always fallback on direct.
If always_direct is allow then Squid will always go direct to the source without considering any peers.
If never_direct is allow then Squid will never attempt to go direct to the source. Instead it tries very hard to find a parent to send the request to. If no parent can be found then an error is returned. For Further reference on never_direct, please click here.
Default never_direct is by default deny.
Example
For example, to force the use of a proxy for all requests, except those in your local domain use something like:
acl local-servers dstdomain foo.net
acl all src 0.0.0.0/0.0.0.0
never_direct deny local-servers
never_direct allow all
or if squid is inside a firewall and there are local intranet servers inside the firewall then use something like:
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.