Here's my situation:
If have only one public IP address.
Internally I have three Apache servers running.
Right now I have my firewall route port 80 to my webserver.
I also have a mailserver running secure webmail on it, so I forward port 443
to it.
My problem is now I want to be able to do ssl on my third websever.
I tried to use mod_proxy to accomplish this without success, so I figured I
would try squid.
I don't need squid to accelerate, I just need it direct traffic.
I thought my firewall would be a good place to install squid because its
basically doing nothing but packet filtering.
I first setup squid as a transparent proxy for my internal clients.(It's
running why not use it in both directions)
This went very well, I added the following lines to my squid.conf and the
following line to iptables script.
acl our_networks src 10.0.0.0/24
http_access allow our_networks
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
$IPTABLES -t nat -A PREROUTING -i $LAN_NIC -p tcp --dport 80 \
-j REDIRECT --to-port 3128
Next I tried to set squid up to solve my initial problem.
I read most everything on the Squid site and google about reverse proxy and
web accellating.
I added this to my squid conf
redirect_program /usr/local/bin/redir.pl
redirect_children 5
redirect_rewrites_host_head off
Made the script
#!/usr/local/bin/perl
$|=1;
while (<>) {
s@https://fromhost.com@https://tohost.org@;
print;
}
added this to my /etc/hosts
10.0.0.12 tohost.org
added this iptables script
$IPTABLES -t nat -A PREROUTING -i $INET_NIC -p tcp --dport 443 \
-j REDIRECT --to-port 3128
When I start squid, It dies right away.
Here's the error.
Squid Parent: child process 14166 exited due to signal 6
The redirector helpers are crashing too rapidly, need help!
What am I doing wrong?
