On our squid box, we are trying to prevent squid from caching several
hosts and/or hosts with various parameters in the URL. The squid proxy
is made mandatory by several iptables rules. The relevant squid directives and
iptables are below. Any idea what is being done wrong here?
The Squid box is currently running Debian 3.0 w/ Squid version: 

[squid.conf] 
heirarchy_stoplist cgi-bin ? msoe.edu 155.92 bank cfm php phtml shtml\
asp pl jsp
acl NOCACHEQUERY urlpath_regex cgi-bin \? msoe.edu 155.92 bank cfm php\
shtml asp jsp pl phtml
no_cache deny NOCACHEQUERY

acl mibank dstdomain .mibank.com 
no_cache deny mibank

[iptables relevant rules]
iptables -t NAT -A PREROUTING -i eth2 -s ! $SOURCE -p tcp --dport 80 -j\
DNAT --to ${PROXY}:80

$SOURCE is defined as our dmz, and squid is running on port 80. $PROXY
is defined as the IP of our proxy.

Right now, the connections to our various nocache hosts are being
rejected, and it is definitely squid, as without squid rules in the
firewall, the sites work fine.

Any Ideas or Suggestions?

-- 
Jonathan Kline
Milwaukee School of Engineering
klinej at msoe.edu
PGP Key fingerprint = 8923 7266 CC84 6D39 6AEA  2313 4241 7851 068E BD2A
PGP Key ID = 068EBD2A