On Wednesday 05 March 2003 08.11, Ben White wrote: > In feb 03 forum, you said : > > always_direct allow -> Squid MUST go direct > never_direct allow -> Squid MUST NOT go direct > > then, is it right for me to interpret that : > > always_direct deny --> Squid MUST NOT go direct > never_direct deny --> Squid MUST NOT go direct
Nope. Squid first looks at always_direct. If it is "allow" then Squid goes directly (default is deny). Then Squid looks at never_direct. If it is "allow" then Squid does not go directly unless already done so above. (default is deny). Finally, if both are deny (the default), Squid decides based on the request, satus of your peers and some other factors where to send the request. > What I want to do in my Squid, is simply to forward > all requests from my LAN to 10.x.x.x (parent). After > checking with the FAQ, I think I shd write something > like : > > cache_peer 10.x.x.x parent 8080 0 no-query default > never_direct allow LAN Looks good, but assuming only your users are allowed to use your Squid you might just as well use never_direct allow all The normal configuration if you want all traffic to go via a parent, such as if you are in a private network with no direct Internet connectivity or have other reasons to always use the parent proxy no matter what is never_direct allow all and then always_direct for the few destinations which you do not want to use the parent. This is usually the local web servers on your network and/or the network between you and the parent.. Things get a little more complex if you want some traffic to always be sent via a specific parent while other traffic sent via some other parent but that is another story. Regards Henrik
