Search squid archive

GET cache_object://localhost/info on a reverse proxy setup

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear all,

I'm using Squid as a reverse proxy in a Squid/Pound/Zope/Plone-setup. Squid is running on port 80.

I would like to access the cache manager with the munin plugins to monitor Squid. The plugins use a HTTP request
"GET cache_object://localhost/info HTTP/1.0".
Standard port 3128 isn't active, when asking port 80 I get a 404-error from zope.

How can I access the cache manager in such a setup?

My squid.conf is:

hierarchy_stoplist cgi-bin ?
#acl QUERY urlpath_regex cgi-bin \?
#no_cache deny QUERY
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern (/cgi-bin/|\?)         0     0%         0
refresh_pattern ^ftp:               1440    20%     10080
refresh_pattern ^gopher:            1440     0%      1440
refresh_pattern .                      0    20%      4320

# Basic ACLs
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/32
acl ssl_ports port 443 563
acl safe_ports port 8080 80 443
#acl zope_servers src 127.0.0.2 127.0.0.1
acl manager proto cache_object
acl connect method connect

# deny requests to unknown ports
http_access deny !safe_ports
acl accelerated_protocols proto http https
acl accelerated_domains dstdomain lb.xxx.de
acl accelerated_domains dstdomain lb1.xxx.de
acl accelerated_domains dstdomain lb2.xxx.de
acl accelerated_domains dstdomain xxx.de
acl accelerated_domains dstdomain www.xxx.de
acl accelerated_ports myport 80 443
http_access allow accelerated_domains accelerated_ports accelerated_protocols

# Purge access - zope servers can purge but nobody else
acl purge method PURGE
#http_access allow zope_servers purge
http_access deny purge
# Reply access
http_reply_access allow all
# Cache manager setup - cache manager can only connect from localhost
# only allow cache manager access from localhost
http_access allow manager localhost
http_access deny manager
# deny connect to other than ssl ports
http_access deny connect !ssl_ports
# ICP access - anybody can access icp methods
icp_access allow localhost
# And finally deny all other access to this proxy
http_access deny all
coredump_dir /usr/local/squid/cache
http_port 80 defaultsite=www.xxx.de
#http_port 80 defaultsite=lb.xxx.de
#http_port 80
cache_peer 127.0.0.1 parent 8080 0 no-query originserver
#cache_peer 127.0.0.1 parent 8080 0 no-query originserver round-robin
#cache_peer 127.0.0.1 parent 8080 0 no-query
visible_hostname www.xxx.de
cache_mem 2000 MB
maximum_object_size 40960 KB
maximum_object_size_in_memory 100 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
cache_dir aufs /var/spool/squid 10000 16 256
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log /var/log/squid/access.log combined
redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
#redirect_program /etc/squid/redirector.pl
negative_ttl 0 minutes
positive_dns_ttl 60 minutes
negative_dns_ttl 1 minutes


Thanks for your support,
David

--
The day microsoft makes something that doesn't suck is the day they start making vacuum cleaners.
gpg --keyserver pgp.mit.edu --recv-keys 1920BD87
Key fingerprint = 3326 32CE 888B DFF1 DED3  B8D2 105F 29CB 1920 BD87


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux