Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 02-26-2009, 08:55 AM   #1
LQ Newbie
Registered: Feb 2009
Posts: 4

Rep: Reputation: 0
Angry single ip bypass squid caching server

Yes, I have squid 3.0.STABLE13-1.fc9.1386 running as a transparent caching server, not using it as a proxy as my company has a separate content filtering box. I have a single ip that needs to bypass the caching server... When I mean bypass i mean it has to go through the cachign server but any info from that ip can't be cached or seen in logs do to a privacy contract. I'm researching iptable to see if it can be done this way but no luck yet..

Any help is appreciated.
Old 02-26-2009, 09:41 AM   #2
Registered: Jul 2006
Distribution: RHEL, CentOS, PuppyLinux, SuSe, Ubuntu, Debian
Posts: 59

Rep: Reputation: 15
If the IP goes through squid, objects requested will be fetched by squid. Hence, obviously all caching / logging rules will be followed, since caching and logging rules are global to squid and as far as i know, cannot be made specific to source.

Considering that you want anything requested by the IP to neither be cached nor be logged, it would be best for that IP to bypass squid altogether. so, if you;ve configured squid as a transparent cache, you most probably have a line in your iptables that redirects all traffic to port 80 (and also perhaps 443) to port 3128 of the squid host.

You would only need to make sure you write iptables rules for traffic from that ip to not be redirected to squid. (i.e.: the rules to allow that traffic through should simply be redirected to a separate chain, that allows it through unmodified.)

The other alternative is to disable caching altogether in squid and then also configure squid to redirect the logs to a program that filters out logs from that IP before writing to disk. This however defeats the entire purpose of having squid cache.

Do update on how you get along on this. I'm curious.
Old 02-27-2009, 09:13 AM   #3
LQ Newbie
Registered: Feb 2009
Posts: 4

Original Poster
Rep: Reputation: 0

I agree with what you are saying, though I am not new to linux I have not mastered the iptables so i will look at the options and see what if i can have it just stay on port 80 and go right on through. Any help on the iptables command is appreciated and I thank you for your help.. WEll off to the web and man pages....


cache, log, proxy, squid

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
squid bypass some domains nima0102 Linux - Server 6 02-27-2009 03:40 AM
Squid - Bypass login for some sites lhqcxg1 Linux - Software 1 09-20-2007 06:45 PM
bypass traffic through squid sapheroth Linux - Networking 1 02-14-2007 01:59 AM
Squid / Apache as caching server for remote xml feeds jimchristy Linux - Software 0 08-02-2006 07:13 AM
Squid - Bypass login for some sites lhqcxg1 Linux - Newbie 0 02-04-2003 03:26 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:56 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration