Search squid archive

Re: Squid CONNECT tunnel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 5/3/22 06:12, roee klinger wrote:

Hey,
I am trying to use Squid with FTP server TCP Port Multiplexing, on the FRP documentation (https://github.com/fatedier/frp#tcp-port-multiplexing <https://github.com/fatedier/frp#tcp-port-multiplexing>), it says: 

    frp supports receiving TCP sockets directed to different proxies on
    a single port on frps, similar to vhost_http_port and vhost_https_port.

    The only supported TCP port multiplexing method available at the
    moment is httpconnect - HTTP CONNECT tunnel.

    When setting tcpmux_httpconnect_port to anything other than 0 in
    frps under [common], frps will listen on this port for HTTP CONNECT
    requests.

    The host of the HTTP CONNECT request will be used to match the proxy
    in frps. Proxy hosts can be configured in frpc by configuring
    custom_domain and / or subdomain under type = tcpmux proxies, when
    multiplexer = httpconnect.

    In the above configuration - frps can be contacted on port 1337 with
    a HTTP CONNECT header such as:
    CONNECT test1 HTTP/1.1\r\n\r\n

    and the connection will be routed to proxy1.
I have been struggling to find info about the use of CONNECT tunnels in Squid, the only page that seems to be talking about it is this: https://wiki.squid-cache.org/Features/HTTPS <https://wiki.squid-cache.org/Features/HTTPS>, and the link it points to is broken.
My question is, how can I use this with Squid? Can I configure Squid to receive traffic and then send it out to FRP with a custom CONNECT header?
I am not sure if this is only good for web servers, or if upstream proxy servers can use this method too.
CONNECT is usually used for opening TCP tunnels through HTTP proxies. Squid uses CONNECT (only) when the HTTP protocol requires such use: Squid will send a CONNECT request if you configure Squid to talk to a configured cache_peer (without an originserver flag), provided Squid needs to open a TCP tunnel through that cache_peer.
Squid uses TCP tunnels in several cases. The most common use case is when Squid is forwarding a received CONNECT request (or an intercepted TLS connection) through a cache_peer.
I have not studied FRP documentation and do not know how it all maps to your specific use case, but if you can summarize your use case in basic FTP/HTTP/TLS terms (e.g. Squid receives FTP request X and should send HTTP request Y), we may be able to help you with Squid configuration. 

Alex.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux