Hi everyone
I have a problem with windows client machines connecting to a Dot Net
enabled server via a squid redirector. When I connect directly to the
windows (2000) server I can upload a dotnet web project using the frontpage
extensions but via the redirector it will not make the connection.
I have three machines which for the purposes of anonymity I have given the
following IP addresses:
client: aaa.bbb.ee.ff
proxy: "concrete.no.org" at aaa.bbb.cc.dd
server: "server" at 192.168.1.149
The headers sent are as follows:
****** CLIENT **********
GET /wg/test2/Apr27B/get_aspx_ver.aspx HTTP/1.1
Accept: */*
User-Agent: Microsoft-Visual-Studio.NET/7.10.3077
Host: AAA.BBB.CCC.DD
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.0 401 Unauthorized
Server: Microsoft-IIS/5.0
Date: Thu, 27 Apr 2006 05:27:02 GMT
WWW-Authenticate: Basic realm="aaa.bbb.cc.dd"
Content-Length: 4431
Content-Type: text/html
X-Cache: MISS from concrete
Connection: keep-alive
**** PROXY ( concrete) ********
GET /wg/test2/Apr27B/get_aspx_ver.aspx HTTP/1.1
Accept: */*
User-Agent: Microsoft-Visual-Studio.NET/7.10.3077
Host: aaa.bbb.cc.dd
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.0 401 Unauthorized
Server: Microsoft-IIS/5.0
Date: Thu, 27 Apr 2006 05:27:02 GMT
WWW-Authenticate: Basic realm="aaa.bbb.cc.dd"
Content-Length: 4431
Content-Type: text/html
X-Cache: MISS from concrete.no.org
Connection: keep-alive
********** SERVER ********
GET /wg/test2/Apr27B/get_aspx_ver.aspx HTTP/1.0
Accept: */*
User-Agent: Microsoft-Visual-Studio.NET/7.10.3077
Host: aaa.bbb.cc.dd
Via: 1.1 concrete.no.org:80 (squid/2.5.STABLE9)
X-Forwarded-For: aaa.bbb.ee.ff
Cache-Control: no-cache, max-age=259200
Connection: keep-alive
HTTP/1.1 401 Access Denied
Server: Microsoft-IIS/5.0
Date: Thu, 27 Apr 2006 05:27:02 GMT
WWW-Authenticate: Basic realm="aaa.bbb.cc.dd"
Content-Length: 4431
Content-Type: text/html
The only thing I can see from the dumps is that the client sends a request
in HTTP 1.1 and
the proxy is sending an HTTP 1.0 request to the server which then responds
with a HTTP 1.0
header back to the client via the proxy.
Dot Net uses frontpage extensions to upload if it cannot make netbios
connection - which it can't.
I have checked that the site is using basic (plaintext) authentication and
I recompiled squid with
the following:
./configure
--enable-icmp
--enable-useragent-log
--enable-referer-log
--enable-arp-acl
--enable-ipf-transparent
--sysconfdir=/etc
--enable-internal-dns
--disable-wccp
options
The config file has:
http_port 137.154.86.33:80
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
useragent_log /usr/local/squid/var/logs/useragent.log
redirect_program /usr/local/squid/bin/redirector
redirect_rewrites_host_header off
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access allow all
http_reply_access allow all
icp_access allow all
tcp_outgoing_address 192.168.1.1
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host off
The redirect script is a perl script structured as follows:
#! /usr/bin/perl
$|=1;
while (1) {
$_ = <stdin>;
s|http://aaa.bbb.cc.dd/weng|http://192.168.1.149|g;
print;
}
Have I missed something?
Any assistance would be appreciated.
Mike
