I am running squid on a LRP box. It is running fine as a transparent
proxy. I have a group of internal machines going through it, with a
range of IPs that bypass the proxy using ipchains. Is there a way to
bypass squid for the machines that normally go through squid to reach
certain sites? I have tried acls to allow the sites and always_direct,
but the sites are still much much slower going through the proxy. These
are the chain rules I am using to start:
~
# Redirect to Squid proxy server:
ipchains -A input -p tcp -s 0/0 -d 0/0 8080 -j DENY -i eth0 -l
# Bypass for 192.168.1.8/29 range
ipchains -A input -p tcp -s ! 192.168.1.8/29 -d 0/0 80 -j REDIRECT 8080
~
I want to keep the other machines going through the proxy, except let
192.168.1.3 bypass the proxy only to get to sportsonline.com. Im not
too good with ipchains, can I make another rule to let only this bypass?
Thanks,
Bill
