> > Thanks Amos > > its working now, but i see a small issue when i do query on search engine > like google > > i can directly hit on any site but when i do search i get > > The system returned: (111) Connection refused > > The remote host or network may be down. Please try the request again. > Any other info? is it actually gong direct? what does log say? etc. etc Amos > > Thanks > > Amos Jeffries-2 wrote: >> >>> >>> Hi Amos, >>> >>> Thanks for responding to my message. >>> >>> i am trying to achieve as mentioned below >>> >>> Site A has proxy as Proxy 2 and another proxy is located in different >>> country Site B through tunnel as Proxy1 >>> >>> Site A has local internet when fails need all web request to be >>> forwarded >>> to >>> proxy 1 through proxy 2 Ie with out changing client proxy address. >>> >>> similar setup was running for 1 month, some how messed up had to >>> reconfigure >>> from scratch. >>> >> >> Ah, okay this is what you want for the peering then: >> >> Proxy2: >> prefer_direct on >> cache_peer Proxy1 parent 8080 3130 >> ... >> >> Proxy1: >> <only an ACL permitting Proxy2 to make requests as a client> >> >> >> Note the absence of 'default originserver' on proxy2 and any mention of >> peering on proxy1. >> >> If you have any problems with that it will be caused by other configure >> options I've overlooked. >> >> Amos >> >>> >>> bharathvn wrote: >>>> >>>> Hi, >>>> >>>> i am trying to setup proxy server as show below >>>> >>>> Client ==>Sibling ==> Parent==> Internet >>>> >>>> i got error when we browse any site from parent server as mentioned >>>> below >>>> >>>> The following error was encountered while trying to retrieve the URL: >>>> / >>>> >>>> Invalid URL >>>> >>>> Some aspect of the requested URL is incorrect. >>>> >>>> Some possible problems are: >>>> >>>> Missing or incorrect access protocol (should be http:// or similar) >>>> >>>> Missing hostname >>>> >>>> Illegal double-escape in the URL-Path >>>> >>>> Illegal character in hostname; underscores are not allowed. >>>> >>>> Your cache administrator is root. >>>> >>>> -------------------------------------------------------------------------------- >>>> >>>> Generated Sun, 17 May 2009 18:13:40 GMT by proxy1 (squid/3.0.STABLE13) >>>> >>>> Parent Proxy config >>>> >>>> >>>> http_port 8080 >>>> cache_peer proxy2 sibling 8080 0 >>>> hierarchy_stoplist cgi-bin ? >>>> acl QUERY urlpath_regex cgi-bin \? >>>> cache deny QUERY >>>> acl apache rep_header Server ^Apache >>>> cache_mem 100 MB >>>> cache_swap_low 90 >>>> cache_swap_high 95 >>>> access_log /var/log/squid/access.log squid >>>> acl manager proto cache_object >>>> acl localhost src 127.0.0.1/255.255.255.255 >>>> acl to_localhost dst 127.0.0.0/8 >>>> acl SSL_ports port 443 >>>> acl Safe_ports port 80 # http >>>> acl Safe_ports port 21 # ftp >>>> acl Safe_ports port 443 # https >>>> acl Safe_ports port 70 # gopher >>>> acl Safe_ports port 210 # wais >>>> acl Safe_ports port 1025-65535 # unregistered ports >>>> acl Safe_ports port 280 # http-mgmt >>>> acl Safe_ports port 488 # gss-http >>>> acl Safe_ports port 591 # filemaker >>>> acl Safe_ports port 777 # multiling http >>>> acl CONNECT method CONNECT >>>> acl US src b.b.b.b-b.b.b.254 >>>> acl server src c.c.c.1-c.c.c.254 >>>> http_access allow manager localhost >>>> http_access deny manager >>>> http_access deny !Safe_ports >>>> http_access deny CONNECT !SSL_ports >>>> http_access allow localhost >>>> http_access allow US >>>> http_access allow server >>>> http_access allow all >>>> http_reply_access allow all >>>> icp_access deny all >>>> cache_effective_user squid >>>> cache_effective_group squid >>>> icp_port 0 >>>> coredump_dir /var/spool/squid >>>> refresh_pattern ^ftp: 1440 20% 10080 >>>> refresh_pattern ^gopher: 1440 0% 1440 >>>> refresh_pattern (cgi-bin|\?) 0 0% 0 >>>> refresh_pattern . 0 20% 4320 >>>> >>>> >>>> Sibling Proxy config >>>> >>>> http_port 8080 >>>> cache_peer proxy1 parent 8080 0 default originserver >>>> hierarchy_stoplist cgi-bin ? >>>> acl QUERY urlpath_regex cgi-bin \? >>>> cache deny QUERY >>>> acl apache rep_header Server ^Apache >>>> cache_mem 100 MB >>>> cache_swap_low 90 >>>> cache_swap_high 95 >>>> access_log /var/log/squid/access.log squid >>>> acl manager proto cache_object >>>> acl localhost src 127.0.0.1/255.255.255.255 >>>> acl to_localhost dst 127.0.0.0/8 >>>> acl SSL_ports port 443 >>>> acl Safe_ports port 80 # http >>>> acl Safe_ports port 21 # ftp >>>> acl Safe_ports port 443 # https >>>> acl Safe_ports port 70 # gopher >>>> acl Safe_ports port 210 # wais >>>> acl Safe_ports port 1025-65535 # unregistered ports >>>> acl Safe_ports port 280 # http-mgmt >>>> acl Safe_ports port 488 # gss-http >>>> acl Safe_ports port 591 # filemaker >>>> acl Safe_ports port 777 # multiling http >>>> acl CONNECT method CONNECT >>>> acl BLR src a.a.a.1-a.a.a.254 >>>> acl US src b.b.b.b-b.b.b.254 >>>> acl server src c.c.c.1-c.c.c.254 >>>> acl TAC src d.d.d.1-d.d.d.254 >>>> acl all src 0.0.0.0/255.0.0.0 >>>> http_access allow manager localhost >>>> http_access deny manager >>>> http_access deny !Safe_ports >>>> http_access deny CONNECT !SSL_ports >>>> http_access allow localhost >>>> http_access allow BLR >>>> http_access allow US >>>> http_access allow server >>>> http_access allow TAC >>>> http_access deny all >>>> http_reply_access allow all >>>> icp_access allow all >>>> cache_effective_user squid >>>> cache_effective_group squid >>>> icp_port 0 >>>> always_direct deny US >>>> always_direct deny BLR >>>> always_direct deny TAC >>>> prefer_direct on >>>> coredump_dir /var/spool/squid >>>> refresh_pattern ^ftp: 1440 20% 10080 >>>> refresh_pattern ^gopher: 1440 0% 1440 >>>> refresh_pattern . 0 20% 4320 >>>> >>>> Pls help me on this. >>>> >>>> Thanks, >>>> Bharathvn >>>> >>> >>> -- >>> View this message in context: >>> http://www.nabble.com/New-Squid3-Stable-13-Setup-tp23601156p23609041.html >>> Sent from the Squid - Users mailing list archive at Nabble.com. >>> >>> >> >> >> >> > > -- > View this message in context: > http://www.nabble.com/New-Squid3-Stable-13-Setup-tp23601156p23609487.html > Sent from the Squid - Users mailing list archive at Nabble.com. > >
