Search squid archive

Re: Reverse proxy question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Personally, I'd use a proxy configuration script that exempts internal 
requests from being proxied.
Then set your clients up to use the script.

Not that I'm not suggesting the use of WPAD.  IE and firefox/mozilla, for 
example, have an option in their network settings to
use an automatic proxy configuration script.  The script uses javascript 
to define where/how requests should be handled.

The squid faq has several links on where to get instructions on how to 
create autoconfiguration scripts.

I find the script to be good practice because you can adjust changes to 
the proxy simply my updating one script.

It will most likely work around your 403 error, as well.

Tim Rainier
Information Services, Kalsec, INC
trainier@xxxxxxxxxx



"Oleksii Krykun" <okg@xxxxx> 
09/15/2005 09:34 AM

To
squid-users@xxxxxxxxxxxxxxx
cc

Subject
 Reverse proxy question






I have WWW server www.myserver on Apache with some links to internal 
servers 
as

http://mywwwserver/link1
http://mywwwserver/link2
http://mywwwserver/link3

On apache I rewrite:

RewriteEngine on
RewriteRule ^/link1(.*) http://myproxyserver/link1$1 [P]
RewriteRule ^/link2(.*) http://myproxyserver/link2$1 [P]
RewriteRule ^/link3(.*) http://myproxyserver/link3$1 [P]

I used MS Proxy 2.0 as myproxyserver before.
On my proxyserver following rules were applied:

http://myproxyserver/link1 -> http://10.1.1.1/dir1
http://myproxyserver/link2 -> http://10.1.1.1/dir2
http://myproxyserver/link3 -> http://10.1.1.2/

All works fine.

Now I change MS Proxy with Squid+SquidGuard.
In squid.conf I use:
http_port=80
httpd_accel_host mynewproxy
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

mywwwserver is allowed by acl settings.

Rewrite rules from squidGuard.conf are following:

s@http://mynewproxy/link1@http://10.1.1.1/dir1/@i
s@http://mynewproxy/link2@http://10.1.1.1/dir2/@i
s@http://mynewproxy/link3@http://10.1.1.2/@i

All works for outside requests but for internal users request to e.g. 
http://mywwwserver/link1/file.html gives me 403 error.

Where I am wrong?

Thanks,
Oleksii
----
А вы в курсе как заработать на курсе?
FOREX. Дилинговый центр АКБ "Укрсоцбанк".
Работает круглосуточно.
Лиц НБУ N5 от 29.12.2001.
http://forex.ukrsotsbank.com/?ito=873&itc=8




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux