[tproxy] Tproxy + DNS + OpenDNS = Borked

Tristram Cheer tproxy at tristramcheer.com
Thu May 20 02:58:26 CEST 2010


Hi Adrian,

Thanks for the info, I was thinking that squid-users might be more helpful.
For what its worth we dont cache HTML only large files/images etc but I
hadn't thought about the "views" issue.

Thanks for your help

Regards

Tristram

On 20 May 2010 12:45, Adrian Chadd <adrian.chadd at gmail.com> wrote:

> On 20 May 2010 07:55, Tristram Cheer <tproxy at tristramcheer.com> wrote:
> > Is there anyway to get squid and TPROXY to spoof DNS requests to show as
> > coming from the client IP and not cache the result?
>
> With a bit of coding, sure. This has an impact on your cache contents
> - since each client has a "different view" of DNS, content is going to
> have to be cached according to the client themselves rather than just
> globally.  Also, cached content for client A that isn't filtered by
> open DNS will be returned to client B that is filtered by open DNS
> because cached content doesn't necessarily require constant
> revalidation, and cached content w/out revalidation won't require a
> DNS lookup to complete.  That'll require further code changes.
>
> You should bounce further questions like this to the squid-users@
> list, rather than this list!
>
>
> Adrian
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20100520/7914f773/attachment.htm 


More information about the tproxy mailing list