osdir.com
mailing list archive

Subject: Re: Squid 2.5: tcp_outgoing_tos - msg#01273

List: web.squid.general

Date: Prev Next Index Thread: Prev Next Index
Because the acl check in tcp_outgoing_* belongs to the "quick" class,
which cannot wait for external lookups such as DNS to complete.

To get around this you can make bogos http_access rules which forces
Squid to look up the required information, for example the following to
force a DNS lookup of the destination IP

acl nowhere dst 0.0.0.0/32
http_access deny nowhere

at the top of squid.conf.


Regards
Henrik


Massimiliano Cuzzoli wrote:
>
> Hello everybody,
> a useful feature of SQUID 2.5 is the "tcp_outgoing_tos" directive, that
> allow you to mark outgoing IP packet with a specific TOS field.
>
> I have tried to associate this directive with an ACL's type "dst" as below:
>
> acl EXAMPLE1 dst 66.216.68.0/24
> tcp_outgoing_tos 0x30 EXAMPLE1
>
> Sniffing packets, I have observed that packets belonging to the first
> TCP connection pass with a wrong TOS (0x00) and others with a right TOS
> (0x30)
>
> Is there anybody that can tell me why?
>
> Bye!!!
>
> Massimiliano



Was this page helpful?
Yes No
Thread at a glance:

Previous Message by Date: click to view message preview

Re: squid upgrade question

Pat Lendon wrote: > Now with STABLE2 and aufs, there are many more squid processes, please > see list. > Why are there more "(squid)" processes? There are not. It is just the Linux ps command which cannot show threads correctly. > Is this normal? Yes. > Is it because I am using aufs? Yes. Regards Henrik

Next Message by Date: click to view message preview

Re: iptables for Sun

No, but you can use IP-Filter. I think it is also possible using SunScreen or whatever the firewall package from Sun is called these days.. Regards Henrik Claudio Alonso wrote: > > Hello, > I'm working with squid 2.5 STABLE 2 on a Sun Solaris 8. > Now I need to make port redirection. > I could do it with iptables if I were working on Linux. > Any ideas about what to use on Solaris? > > Thanks in advance, > > --Claudio > > _________________________________________________________________ > Charla con tus amigos en línea mediante MSN Messenger: > http://messenger.yupimsn.com/

Previous Message by Thread: click to view message preview

Squid 2.5: tcp_outgoing_tos

Hello everybody, a useful feature of SQUID 2.5 is the "tcp_outgoing_tos" directive, that allow you to mark outgoing IP packet with a specific TOS field. I have tried to associate this directive with an ACL's type "dst" as below: acl EXAMPLE1 dst 66.216.68.0/24 tcp_outgoing_tos 0x30 EXAMPLE1 Sniffing packets, I have observed that packets belonging to the first TCP connection pass with a wrong TOS (0x00) and others with a right TOS (0x30) Is there anybody that can tell me why? Bye!!! Massimiliano

Next Message by Thread: click to view message preview

squid acls from file

Hi, Is it possible to provide list of acl's and http_access rules through a file, which is included/read into squid.conf. Tushar
Loading Comments...
Home | News | Patents | Sitemap | FAQ | advertise

Advertising by