On Fri, 6 Feb 2004, Eberhard Pietzsch wrote:

> Proxy A should test if a requested hostname is contained in our
> list mentioned above. If not contained, proxy A should forward
> the request directly to the host in question.

See cache_peer_access and never_direct. You need both.

Note that you can not use external acls in cache_peer_access at this time,
not reliably anyway. You may get an acceptable level if the acl is furst
evaluated in http_access, but it is not 100% safe.

http_access deny restrictedacl !all

somwhere before where requests are allowed.

The use of the ACL in never_direct may work as well, but I have not