Differences between version 8 and predecessor to the previous major change of SquidNotes.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 8 | Last edited on Saturday, December 18, 2004 4:31:59 pm | by DanielLawson | Revert |
| Older page: | version 6 | Last edited on Wednesday, September 15, 2004 3:09:10 pm | by LeonBreedt | Revert |
@@ -2,9 +2,9 @@
!!Problem solving
!Resolving name problems
-Having problems that !
http://brian/wherever/whatever doesn't resolve in Squid? This is caused by Squid running its own DNS resolver, instead of using gethostbyname(3). It pulls the IPs of the name servers out of resolv.conf(5). Add a line like this to your squid.conf:
+Having problems that ~
http://brian/wherever/whatever doesn't resolve in Squid? This is caused by Squid running its own DNS resolver, instead of using gethostbyname(3). It pulls the IPs of the name servers out of resolv.conf(5). Add a line like this to your squid.conf:
append_domain .yourdomain.tla
Any domain without a dot in it will get that domain prepended to it; everything works nicely all of a sudden.
@@ -14,8 +14,17 @@
!"Unable to load page" error
[Microsoft] InternetExplorer 6 SP 1 has a bug where if you are using "Basic" auth (eg, with squid), the first page afterwards will display an "Unable to load page" error. This is because MSIE tries to reuse an already closed [TCP] connection. See KB:331906.
+
+! Caching / Proxying [Microsoft] Windows Update
+
+Windows Update caching works just fine, for the most part. If you have an authenticated proxy, you might want to add "*.microsoft.com", "*.windowsupdate.com" and "*.akamai.net" as an auth-bypass whitelist.
+
+As of mid December 2004, Windows Update (under XP at least) changed the way it works. It ignores proxy settings, and attempts to make direct connections to a pool of servers. This is fairly annoying, as if you have no default route set on your workstations (a sensible security measure), you can no longer run windows update.
+
+The subnets in question are: 207.46.0.0/16 and (I think) 64.2.21.0/24. It seems that the only solution is to allow these direct access via your firewall.
+
!!Add-on utilities for Squid
! Log Analysis (sarg)
