Search squid archive

Re: Change url_rewrite_program problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Hi Eliezer,
 
Thanks you for feedback,
 
    • Squid version installed is2.6.STABLE21  and may be this version not handling these requests correctly ?
 
setting for cache peer : 
http_port 80 accel defaultsite=add.ptr.lu  vhost
https_port 443 cert=/root/add.ptr.lu.pem key=/root/add.ptr.lu.key accel defaultsite=add.ptr.lu vhost
cache_peer 15.40.40.47 parent 8000 0 no-query originserver front-end-https=on name=ProdAccel 
cache_peer 15.40.40.47 parent 8001 0 no-query originserver name=TestAccel
 
    • From access logs, we do not see any TCP_DENIED log event for the 'add.ptr.lu' request.
 
> 2015/06/12 17:11:36| Starting Squid Cache version 2.6.STABLE21 for i686-redhat-linux-gnu... > 2015/06/12 17:11:36| Process ID 3897 > ... > 2015/06/12 17:11:36| Accepting accelerated HTTP connections at 0.0.0.0, port 8000, FD 18. > 2015/06/12 17:11:36| Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 19. > 2015/06/12 17:11:36| Accepting HTTPS connections at 0.0.0.0, port 443, FD 20. > 2015/06/12 17:11:36| Accepting ICP messages at 0.0.0.0, port 3130, FD 21. > 2015/06/12 17:11:36| WCCP Disabled. > 2015/06/12 17:11:36| Configuring Parent 158.64.50.47/8000/0 > 2015/06/12 17:11:36| Configuring Parent 158.64.50.47/8001/0 
 
    • Port 8000 is the port using for backend  webserver
    • So I try to access from external , I try https://add.ptr.lu , I receive a issue with new url https://add.ptr.lu:8000/register
     
    So I supposed that it cannot return with this url

2015-08-18 18:22 GMT+02:00 Eliezer Croitoru <eliezer@xxxxxxxxxxxx>:
Well it's a bit weird since squid is capable of handling these requests and it should not pass a port as a part of the HTTP protocol.

What settings have you tried for a cache peer?
Have you tried matching with a domain name matching?
Did you had the chance to get the access.log with or without the url_rewrite?

How did you got a request with port 8000? You can always use the "port" acl to match it.
If you are receiving url on port 80 you should not have any issues.

If you can give me couple examples of urls which you get I might be able to understand a bit more.

Eliezer


On 18/08/2015 18:20, Hicham Berni wrote:
Hi Eliezer,

I try first with cache_peer , but it was not running for this specific
web-server port configuration ( 8000 and error was that we received url
with port number),

I noted that current configuration was using rewrite url program ( for test
with port number 8001) and I supposed that it could be same problem by
using port 8000 instead 80 ( webdesign don't want to change port number)

When i tried  with rewrite url program , it ran but just for production
url  and not test url.

2015-08-18 16:46 GMT+02:00 Eliezer Croitoru <eliezer@xxxxxxxxxxxx>:

Hey Berni,

I was wondering to myself, why do you need to rewrite the url?
Can't you just use a cache_peer and couple acls?

Eliezer


On 18/08/2015 16:43, Hicham Berni wrote:

Hi,

We have a squid reverse configuration, and we need to change  backend
webserver  with a new webserver with new IP and port (80 --> 8000) .

Old squid configuration used url_rewrite_program. I 'not familar with this
configuration.
With port changing on new web server ( 80 --> 8000) , i find that i had to
add new production web on url_rerite_program.

I tried to change program , but i met a issue.

on part 1 --> current rewrite program configuration  running today and
correctly  for testurl --> running fine
on part 2 --> configuration with change  for testurl and productionurl ->
OK for productionurl and KO for testurl

An idea if something is wrong on change ?

Part 1)  old configuration :

#!/usr/bin/perl

$INTERNALIP="15.40.40.40";
$PRODUCTIONURL="add.ptr.lu";
$TESTURL="test.add.ptr.lu";
$TESTPORT="8001";

# turn off write buffering
$| = 1;
while (<>) {

    # get the URL from the request
    chomp($url = "">
    if ($url =~ m/($INTERNALIP|$TESTURL):$TESTPORT/)
    {
      # fix up the cname and port
      $url =~ s^:$TESTPORT^^;
      $url =~ s^$INTERNALIP^$TESTURL^;

      # fix the protocol
      $url =~ s^https://^http://^;
    }
    else
    {
      # fix up the name
      $url =~ s^$INTERNALIP^$PRODUCTIONURL^;

      # fix the protocol
      $url =~ s^http://^https://^;
    }

    # return the fixed URL to squid
    print "$url\n";
}


Part 2) configuration with changes

#!/usr/bin/perl

$INTERNALIP="15.40.40.40";
$PRODUCTIONURL="add.ptr.lu";
$TESTURL="test.add.ptr.lu";
$TESTPORT="8001";
$PRODPORT="8000";

# turn off write buffering
$| = 1;
while (<>) {

    # get the URL from the request
    chomp($url = "">
    if ($url =~ m/($INTERNALIP|$TESTURL):$TESTPORT/)
    {
      # fix up the cname and port
      $url =~ s^:$TESTPORT^^;
      $url =~ s^$INTERNALIP^$TESTURL^;

      # fix the protocol
      $url =~ s^https://^http://^;
    }

elsif ($url =~ m/($INTERNALIP|$PRODUCTIONURL):$PRODPORT/)
    {
      # fix up the cname and port
      $url =~ s^:$PRODPORT^^;
      $url =~ s^$INTERNALIP^$PRODURL^;

      # fix the protocol
      $url =~ s^https://^http://^;
    }

    else
    {
      # fix up the name
      $url =~ s^$INTERNALIP^$PRODUCTIONURL^;

      # fix the protocol
      $url =~ s^http://^https://^;
    }

    # return the fixed URL to squid
    print "$url\n";
}



_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users


_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux