Chris, that worked... well sorta.. I am seeing these messages in my access logs and on the browser I see "Invalid Request" . Could be missing some acl stuff ? 1163809785.556 3 10.169.155.217 TCP_DENIED/400 1638 GET error:invalid-request - NONE/- text/html 1163809796.231 38 10.169.155.217 TCP_DENIED/400 1628 GET error:invalid-request - NONE/- text/html 1163809809.773 40 10.169.155.217 TCP_DENIED/400 1628 GET error:invalid-request - NONE/- text/html 1163809935.515 1 10.169.155.217 TCP_DENIED/400 1654 GET error:invalid-request - NONE/- text/html Thanks Chris Robertson wrote on 11/17/2006, 3:24 PM: > Mohan wrote: > > Chris Robertson wrote on 11/17/2006, 2:30 PM: > > > > > Mohan wrote: > > > > I am using squid 2.6 and I > > > > need to setup transparent caching for a webserver running on a > port > > > > other than 80. We have a webserver running on port 2000 . I > have spent > > > > quite a number of hours trying to figure out in changing this > default > > > > setting. Is there a way to change this ? > > > > > > > > > > > First off, are you really trying to do interception proxy > > > (http://wiki.squid-cache.org/SquidFaq/InterceptionProxy, often > mistaken > > > for transparent proxy), or are you attempting acceleration > > > (http://wiki.squid-cache.org/SquidFaq/ReverseProxy)? > > > > > > The first would likely require changes to your firewall rules. The > > > latter would require changes to how Squid is set up. Hopefully your > > > questions will be answered in the links provided. > > > > > > Chris > > > > > > > Chris, > > Thanks for responding. As you can see I am still confused > between the > > two. I thought in 2.6 Reverse proxy was replaced by InterceptionProxy. > > Did I get that wrong ? I probably did! > > > > How are the two different ? I need to be able to install a cache proxy > > alongside my webserver to cache some dynamilcaaly generated pages. > Which > > one would be the right one ? > > > > Again thanks for your time. > > > > -Mohan > > > > > > No worries. > > The two serve different functions. One is intended to be a "Zero Client > Configuration" proxy (interception proxy), the other is set up as a > buffer for a website (accelerator). > > From the description given, you are looking to set up an accelerator. > > Here are the relevant bits: > > http_port 2000 # Make squid listen on port 2000* > cache_peer 1.2.3.4 parent 2000 0 no-query originserver > acl accelerated_server dst 1.2.3.4 > .... > # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS > http_access allow accelerated_server > > The "INSERT YOUR OWN" line is preexisting in the default squid.conf and > is included as a reference point of where to put the required > http_access line. The acl must be placed before this line. Obviously, > replace 1.2.3.4 with the real IP of your web server. I think you might > also want to set "visible_hostname" to the address currently used to > access your website. > > * Feel free to use a different http_port. I'm just using 2000 for the > sake of continuity. I am aware of no reason Squid would be unable to > listen on port 80, and make requests to the server on port 2000 (aside > from > http://wiki.squid-cache.org/SquidFaq/ReverseProxy#head-ae649735ddf053125e55f28cec17b0dc94eb26da). > > For what it's worth, you could have squid listen on both port 80 and > 2000. You might also add a defaultsite argument to the http_port (e.g. > http_port 2000 defaultsite=www.myserver.com) for any clients that don't > supply a Host header. > > Chris > > P.S. I do not have a Squid server set up in an accelerating capacity, so > the above advice is based strictly on participation in the mailing list. > -- ------------------------------------------ Mohan Rao (650 937 3369) / mohansrao@xxxxxxx AIM : mohansrao MBA at Santa Clara University ------------------------------------------
