Search squid archive

Frontpage via Reverse Proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi everyone

I have a problem with windows client machines connecting to a Dot Net enabled server via a squid redirector. When I connect directly to the windows (2000) server I can upload a dotnet web project using the frontpage extensions but via the redirector it will not make the connection.

I have three machines which for the purposes of anonymity I have given the following IP addresses:

client: aaa.bbb.ee.ff
proxy: "concrete.no.org"  at  aaa.bbb.cc.dd
server: "server"  at 192.168.1.149

The headers sent are as follows:

****** CLIENT **********

GET /wg/test2/Apr27B/get_aspx_ver.aspx HTTP/1.1
Accept: */*
User-Agent: Microsoft-Visual-Studio.NET/7.10.3077
Host: AAA.BBB.CCC.DD
Connection: Keep-Alive
Cache-Control: no-cache


HTTP/1.0 401 Unauthorized
Server: Microsoft-IIS/5.0
Date: Thu, 27 Apr 2006 05:27:02 GMT
WWW-Authenticate: Basic realm="aaa.bbb.cc.dd"
Content-Length: 4431
Content-Type: text/html
X-Cache: MISS from concrete
Connection: keep-alive

****  PROXY ( concrete) ********

GET /wg/test2/Apr27B/get_aspx_ver.aspx HTTP/1.1
Accept: */*
User-Agent: Microsoft-Visual-Studio.NET/7.10.3077
Host: aaa.bbb.cc.dd
Connection: Keep-Alive
Cache-Control: no-cache

HTTP/1.0 401 Unauthorized
Server: Microsoft-IIS/5.0
Date: Thu, 27 Apr 2006 05:27:02 GMT
WWW-Authenticate: Basic realm="aaa.bbb.cc.dd"
Content-Length: 4431
Content-Type: text/html
X-Cache: MISS from concrete.no.org
Connection: keep-alive

********** SERVER ********

GET /wg/test2/Apr27B/get_aspx_ver.aspx HTTP/1.0
Accept: */*
User-Agent: Microsoft-Visual-Studio.NET/7.10.3077
Host: aaa.bbb.cc.dd
Via: 1.1 concrete.no.org:80 (squid/2.5.STABLE9)
X-Forwarded-For: aaa.bbb.ee.ff
Cache-Control: no-cache, max-age=259200
Connection: keep-alive

HTTP/1.1 401 Access Denied
Server: Microsoft-IIS/5.0
Date: Thu, 27 Apr 2006 05:27:02 GMT
WWW-Authenticate: Basic realm="aaa.bbb.cc.dd"
Content-Length: 4431
Content-Type: text/html

The only thing I can see from the dumps is that the client sends a request in HTTP 1.1 and the proxy is sending an HTTP 1.0 request to the server which then responds with a HTTP 1.0
header back to the client via the proxy.

Dot Net uses frontpage extensions to upload if it cannot make netbios connection - which it can't. I have checked that the site is using basic (plaintext) authentication and I recompiled squid with
the following:

./configure
--enable-icmp
--enable-useragent-log
--enable-referer-log
--enable-arp-acl
--enable-ipf-transparent
--sysconfdir=/etc
--enable-internal-dns
--disable-wccp

options
The config file has:

http_port 137.154.86.33:80
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

useragent_log /usr/local/squid/var/logs/useragent.log

redirect_program /usr/local/squid/bin/redirector
redirect_rewrites_host_header off

auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager

http_access deny !Safe_ports
http_access allow all
http_reply_access allow all

icp_access allow all

tcp_outgoing_address 192.168.1.1

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host off


The redirect script is a perl script structured as follows:

#! /usr/bin/perl

$|=1;
while (1) {
	 $_ = <stdin>;

		 s|http://aaa.bbb.cc.dd/weng|http://192.168.1.149|g;

    print;
}

Have I missed something?
Any assistance would be appreciated.

Mike


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux