Search squid archive

connection limit and X-Forwarded-For IP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi All,

Recently I configure Squid as reverse proxy for back-end apache server running Drupal.

acl airarabia_web dstdomain www.airarabia.com
cache_peer 10.4.171.6 parent 80 0 no-query originserver name=airarabia_peer2 round-robin forceddomain=www.airarabia.com default # cache_peer 10.4.171.7 parent 80 0 no-query originserver name=airarabia_peer1 round-robin forceddomain=www.airarabia.com default # not yet implemented
cache_peer_access airarabia_peer2 allow airarabia_web
cache_peer_access airarabia_peer2 deny all

Problem 1:-
With Apache I had connection Limit of 20 per IP (mod_limitipconn.so)

I need to achieve this with squid reverse proxy.
please let me know if below configurations is correct.

===========================
acl connectionLimit maxconn 20
acl airarabia_web dstdomain www.airarabia.com
cache_peer 10.4.171.6 parent 80 0 no-query originserver name=airarabia_peer2 round-robin forceddomain=www.airarabia.com default
cache_peer_access airarabia_peer2 allow airarabia_web connectionLimit
cache_peer_access airarabia_peer2 deny all
===========================

Problem 2:-
After configuring reverse proxy, The apache back-end server gets the IP of the reverse proxy and not of the actual clients.

                   squid.conf
===========================
follow_x_forwarded_for allow airarabia_web
follow_x_forwarded_for deny all
acl_uses_indirect_client on
delay_pool_uses_indirect_client on
log_uses_indirect_client on
===========================

I will work on HOW TO for mod_extract_forwarded, but mean time if someone can verify if the above squid.conf for problem 2 is correct?

//Remy

------------------------------------------------------------------------------
Disclaimer and Confidentiality


This material has been checked for  computer viruses and although none has
been found, we cannot guarantee  that it is completely free from such problems
and do not accept any  liability for loss or damage which may be caused.
Please therefore  check any attachments for viruses before using them on your
own  equipment. If you do find a computer virus please inform us immediately
so that we may take appropriate action. This communication is intended  solely
for the addressee and is confidential. If you are not the intended recipient,
any disclosure, copying, distribution or any action  taken or omitted to be
taken in reliance on it, is prohibited and may be  unlawful. The views
expressed in this message are those of the  individual sender, and may not
necessarily be that of ISA.

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux