Squid talking to Apache

From: Russell Mosemann <mose@dont-contact.us>
Date: Tue, 18 Apr 2000 11:54:14 -0500 (CDT)

I am having some difficulty getting Squid to talk to Apache on the same
machine. I have read the FAQ several times, sifted through the archives,
searched deja.com, but I can't seem to find an answer. This is the
current configuration:

Squid-2.4.DEVEL2
squidGuard-1.1.4
Apache 1.3.x
Linux 2.2.14 with ipchains

Squid is set to do transparent proxy and acceleration for traffic heading
for the Internet according to the documentation. Port 80 is accelerated
and Squid listens on 3128. Squid does _not_ listen on port 80. A
Cabletron SmartSwitch Router forwards all packets destined for port 80 to
the Linux box where ipchains have been set up to accept internal->internal
traffic and anywhere->Linux box traffic. Traffic from anywhere else ->
port 80 is redirected to port 3128. Apache is running and listening at
port 80.

Squid is working wonderfully for traffic heading for the Internet.
squidGuard (a redirector) is working wonderfully. If I use a browser to
connect directly to the Linux machine, Apache works wonderfully.

You're probably wondering what the problem could be if everything is so
wonderful. :-) squidGuard redirects blocked URLs to a "no access" web
page. I would like that to be served by Apache on the same machine
instead of bugging another machine on our network.

If I set squidGuard up this way, a request for the Internet comes in, it
is redirected to Squid on port 3128, it is sent to squidGuard where it is
blocked and redirected to the same machine (supposedly to Apache), it goes
back to Squid and a couple of minutes later Squid displays an error page
with the message that the connection timed out. The redirected URL it
displays is correct, but it can't make the connection to Apache. If I
redirect to a different machine, things are wonderful, again. :-)

So, what's happening, and how do I fix it? I tried binding Apache to the
loopback interface and port 80 in case Squid was recognizing it was on the
same machine and going that route. I tried moving Apache to a different
port on the network interface. Nothing has been successful. Do I need to
specifically set some ACLs or compilation options in order for this to
work? Thanks for your help and suggestions (which would be wonderful :-).

Russell Mosemann * Computing Services * Concordia University, Nebraska
Received on Tue Apr 18 2000 - 10:57:44 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:58 MST