fre 2009-09-18 klockan 11:13 +1000 skrev James Brotchie: > On Squid 2.7 the "intercepted" acl matches whilst in 3.1 it doesn't.
In 2.7 the myport and myip acls are very unreliable in interception mode. Depends on the request received if these are the local endpoint or the original destination enpoint.. > Digging deeper into the Squid 3.1 source it seems that if a http_port > is set to intercept then the "me" member of ConnStateData, which is > normally the proxy's ip and listening port, is replaced by the pre-NAT > destination ip and port. And in 2.7 it just sometimes are, i.e. when the original destnation is required to resolve the request. And on some OS:es it always are replaced, depends on how the original destination information is given to Squid. Regards Henrik
