From owner-freebsd-questions  Tue Oct 28 14:06:14 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id OAA25007
          for questions-outgoing; Tue, 28 Oct 1997 14:06:14 -0800 (PST)
          (envelope-from owner-freebsd-questions)
Received: from sam.networx.ie (ts08-09.dublin.indigo.ie [194.125.148.150])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id OAA24987
          for <questions@FreeBSD.ORG>; Tue, 28 Oct 1997 14:06:07 -0800 (PST)
          (envelope-from mike@NetworX.ie)
Received: from mike (mike.networx.ie [194.9.12.33])
          by sam.networx.ie (8.8.5/8.8.5) with SMTP id VAA19755;
          Tue, 28 Oct 1997 21:41:30 GMT
X-Organisation: I.T. NetworX Ltd
X-Business:     Network Consultancy and Training
X-Address:      67 Merrion Square, Dublin 2, Ireland
X-Voice:        +353-1-676-8866
X-Fax:          +353-1-676-8868
Date: Tue, 28 Oct 1997 21:40:30 GMT
From: Michael Ryan <mike@NetworX.ie>
Reply-To: mike@NetworX.ie
Subject: Re: dfilter in iijppp
To: "Pseudo-user collecting FreeBSD mailing lists." <freebsd@vicotec.kiev.ua>
cc: FreeBSD Support <questions@FreeBSD.ORG>
Message-ID: <ECS9710282130I@NetworX.ie>
Priority: Normal
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Hi Igor,

On Tue, 28 Oct 1997 10:58:51 +0200 (EET) Pseudo-user collecting FreeBSD mailing 
lists. wrote:

> >From /usr/local/squid/etc/squid.conf:
> 
> "If you want to disable DNS tests, do not comment out or delete this list.
> Instead use the -D command line option"
> 
> It works for me.

My understanding of "dns_testnames" is it's how Squid determines if there's
a path to the Internet or not.  On my machine, I've simply set this to the
localhost "dns_testnames localhost".  That' fine, but it's not what I was
talking about.

My problem is that for Squid to actually go out there and retrieve pages,
the first thing it'll do is generate a DNS query on the host name of the
web site.  Unless DNS is permitted in the dfilter rule set, this will not
trigger the ppp dial-up, so Squid will fail, saying that the host isn't
reachable (because the IP address couldn't be ascertained).  Therefore,
it seems to me that DNS -must- be permitted in the dfilter ruleset.

My problem with this is that, now, -every- service will, in effect, cause
the dial-up to occur, because almost every service will first of all
generate a DNS query (just like Squid).

See what I mean?


Bye,
Mike
<mike@NetworX.ie>
---