From owner-freebsd-isp  Tue Jul 18 22:30:41 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from picalon.gun.de (picalon.gun.de [192.109.159.1])
	by hub.freebsd.org (Postfix) with ESMTP id EABF037BCDB
	for <freebsd-isp@FreeBSD.ORG>; Tue, 18 Jul 2000 22:30:36 -0700 (PDT)
	(envelope-from andreas@klemm.gtn.com)
Received: (from uucp@localhost)
	by picalon.gun.de (8.9.3/8.9.3) id HAA24055;
	Wed, 19 Jul 2000 07:30:18 +0200 (MET DST)
>Received: (from andreas@localhost)
	by klemm.gtn.com (8.9.3/8.9.3) id HAA78260;
	Wed, 19 Jul 2000 07:29:54 +0200 (CEST)
	(envelope-from andreas)
Date: Wed, 19 Jul 2000 07:29:54 +0200
From: Andreas Klemm <andreas@klemm.gtn.com>
To: tim@iafrica.com.na
Cc: andreas.klemm.ak@bayer-ag.de,
	"freebsd-isp@freebsd.org" <freebsd-isp@FreeBSD.ORG>
Subject: Re: squid caching proxy behind a firewall ...
Message-ID: <20000719072954.A77973@titan.klemm.gtn.com>
References: <0006800027735676000002L062*@MHS> <39749AFA.7F8111DD@polytechnic.edu.na>
Mime-Version: 1.0
Content-Disposition: inline
User-Agent: Mutt/1.2.4i
In-Reply-To: <39749AFA.7F8111DD@polytechnic.edu.na>; from tim@polytechnic.edu.na on Tue, Jul 18, 2000 at 06:59:22PM +0100
X-Operating-System: FreeBSD 4.1-RC SMP
X-Disclaimer: A free society is one where it is safe to be unpopular
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, Jul 18, 2000 at 06:59:22PM +0100, Tim Priebe wrote:
> I do not have the configs in front of me, but basically you can
> configure it with the option noquery for the parent, ie the "real proxy
> server", and then deny all direct accesses. The standard config file
> explains each.

I used yesterday (before giving up temporarily and writing to the list ;-):

cache_peer FQDNofCompanyProxy parent 80 7 no-query

"7" for disabling  ICP:
#    icp_port:  Used for querying neighbor caches about
#                    objects.  To have a non-ICP neighbor
#                    specify '7' for the ICP port and make sure the
#                    neighbor machine has the UDP echo port
#                    enabled in its /etc/inetd.conf file.

no query for:
#	use 'no-query' to NOT send ICP queries to this
#       neighbor.

Well then I configured netscape to use my local squid cache
on port 3128 and I get problems in name resolving ....

Squid usually tries to resolve names into addresses and _then_
it asks its parent and neighbor caches.

Since I'm in the intranet and doesn't have access to the outside
DNS server I have a problem here ...

You are a bit unspecific (sorry) concerning "then deny all direct accesses".
Direct accesses to what ??? Is is the part, where you think of solving this
DNS request ??? I never tweaked this parameter and would be glad if you 
could name it explicitely so to give me a more specific hint !

Thanks a lot 

	Andreas ///


but squid tried to resolv


-- 
Andreas Klemm                               http://people.FreeBSD.ORG/~andreas
                                     http://www.freebsd.org/~fsmp/SMP/SMP.html
                                   powered by Symmetric MultiProcessor FreeBSD
New APSFILTER 542 and songs from our band - http://people.freebsd.org/~andreas



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message