Chris Robertson wrote:
Pachulski, Keith wrote:
I`m working on setting up squid to act as a reverse proxy on Solaris
10. The reverse proxy part is working fine. However I want to be able
to control the types of traffic that is passed through the reverse
proxy to only allow what I want. This part I have had 0 success with.
Can someone please send me a template for what the setup would like
look for doing regex pattern matching to only allow certain patterns
and deny all other traffic. Here is a copy of the config as I have in
there now for the proxy:
cache_peer X.X.X.X parent 80 0 no-query originserver name=servername
cache_peer_access servername allow internal cache_peer_access
servername deny all acl internal dstdomain some.internal.server
http_access allow internal
Attempted to do the following with no luck:
acl allowtraffic url_regex -i "/etc/squid/allowtraffic.acl"
http_access allow allowtraffic internal
http_access deny all
cache_peer X.X.X.X parent 80 0 no-query originserver name=servername
cache_peer_access servername allow internal
cache_peer_access servername deny all
acl internal dstdomain some.internal.server
acl allowtraffic url_regex -i "/etc/squid/allowtraffic.acl"
http_access allow internal allowtraffic
http_access deny all
Chris
Please not though one of the prime rule-of-thumbs on making your Squid
run efficiently and fast:
avoid regex ACL.
NP: with the 'internal' ACL already taking care of domains the regex can
be reduced to urlpath_regex for a shorter and slightly faster pattern match.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18
Current Beta Squid 3.1.0.13
