Proxy Bypass Rule (serverside)

PROXYsquid

Using squid proxy, I'd like to (by)pass traffic from clients to a specific IP/domain.

No matter who is using the proxy (client IP or auth), the proxy should not be the man in the middle for any traffic from/to youtube.com.

Do proxies allow such a rule at server-side (instead of defining the bypass rule with each of the clients)?

E.g. if there was a bypass rule for the ip/domain whatismyip.com, all the clients should see their own IP there, although they have set up the proxy for their browser.

Best Answer

Unless you use iptables or similar in the server side or set the clients to bypass proxy, all http,ftp,etc. traffic will go thru the proxy.

Assuming that,you can set some acls that will force some specific traffic to go 'DIRECT'.

Here you can see some sample code from squid.conf:

acl directdomains dstdomain "path/to/acl/file"
http_access allow directdomains
always_direct allow directdomains

The acl file should contain something like:

.youtube.com

One more option is to use a 'proxy autoconfiguration file' for your clients,you can even set it via dhcp.

Hope that helps.

Best Answer

Related Solutions

Can squid automatically remove a cache_peer from the round-robin list if its proxy auth fails

Bypass external proxy in web chaining for one URL

Related Topic