Hi, And how can i set up that file ? the Squid and Apache server is also a dnscache server (to resolve hosts to squid) and ig I put the hosts on the hosts file it doesn't work... Thanks Nuno Ferreira -----Original Message----- From: Matus UHLAR - fantomas [mailto:uhlar@xxxxxxxxxxx] Sent: Tuesday, June 14, 2005 4:52 PM To: squid-users@xxxxxxxxxxxxxxx Subject: Re: [squid-users] Squid + web server on same machine On 14.06 06:24, Nuno Ferreira wrote: > I know that this probably has come in this archive but my search there > didn't get me anything. > > I have a RH machine running SQUID proxy and Apache. On the web server I > have a lot of virtual domains. > > The problem is that proxy users can't see those web sites (the ones hosted > on the apache server as virtual servers). > > The mentioned machine is in the DMZ zone and nated outside to the public > IP. This public IP is (of course) the ip of all the virtual hosts. > > There must be some conflict in the proxy server or in the httpd server > that I really don't understand. that is a problem on lower networking level - NAT. You have to setup DNS or hosts file for your apache vhosts, which squid would use, and that would show the internal IP of apache, not external one. The problem is: "squid" connects to external IP from internal one. The destination IP is changed on NAT server to real server's one, the source IP (internal) is changed as-is. So data come to "apache" with source and destination IP's from internal network - as if it came directly from "squid". "apache" then responds directly to squid, not via NAT server, so the data don't go through NAT server and the ip of "apache" is not translated to external one. Finally, "squid" sees data going to external IP and coming from internal one, so they are not taken as part of the same stream and refuses them. terms "apache" and "squid" do not mean real processes, but the machine those services are on - even if it's the same. I hope they make this explanation more clear. -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. How does cat play with mouse? cat /dev/mouse
