On 24/03/2012 2:27 a.m., guest01 wrote:
ok, in my setup I am using the same IP with different Ports:
http_port 10.122.125.2:3129 intercept name=transparentHTTPPort
https_port 10.122.125.2:3130 intercept cert=/etc/squid/squid.pem
name=transparentHTTPsPort
acl redirectbehavior myportname transparentHTTPPort
And how would I apply the myportname-acl? (Sounds like a noob
question, but I could not find helpful documentation)
I am still having problems understanding what the myportname-acl is
used for or how to use it.
The old myport and myip ACL are not very reliable. Particularly for
intercept or tproxy ports where the Squid listening/receiving ip:port is
unrelated to the packet destination ip:port.
We now have a textual label for each *_port line. By default that is the
text you entered in squid.conf as the ip:port value (exact text from
squid.conf). But can be changed to something more descriptive using the
name= option.
You can use it to reliably match all traffic arriving in a Squid
listening port regardless of type, processing path, adpatation or whatever.
My Test-Squid-Server is using one IP-address with multiple ports:
3128 -> default forward proxy port (used by clients who know they have
to use a proxy)
3129 -> HTTP intercept (dnat via Firewall)
3130 -> HTTPs intercept (dnat via Firewall)
The problem is a HTTP-to-HTTPs-redirect, which does not work. I tried
to google about the myportname/myip-acl but I could not find anything
useful/working.
Can anybody please explain how to use it, if it is possible to solve
this problem? Thanks!
What traffic flow appears to be going on right now when it doesn't work?
and what is the desired traffic flow?
Amos