Re: [squid-users] acl-specific http_port

From: Henrik Nordstrom <>
Date: Wed, 28 Mar 2001 09:32:36 +0200

Mikhail Teterin wrote:
> Thanks, I think, I'm getting there. Here is what I did:
> http_port 80 # To be the only one :)
> httpd_accel_host virtual # We need to support multipl vhosts

So you have multiple IP addresses where Squid listens, and a redirector
to take care of rewriting these to the correct domain(s)?

Are you sure you are not looking for httpd_accel_uses_host_header here?
(most people are, but confuse the two).

> httpd_accel_port 8015 # This is where one of servers listens;
> # this server will NOT grok hostname in
> # the request, BTW
> httpd_accel_with_proxy on # We need this too

Then be very careful with your http_access rules to not open up the
proxy to the world...

> acl S urlpath_regex ^/dufus/|^/$ # Only the URLs, which start
> # with /dufus/ or the main page (/)
> cache_peer localhost parent 8000 0 no-query # Apache listens on localhost:8000
> never_direct allow S # Never fetch /dufus/ and / directly
> cache_peer_access localhost allow S
> cache_peer_access localhost deny !S

The last cache_peer_access line is not strictly needed, or should read
cache_peer_access localhost deny all

> This seems to be working, except that squid responds with ERR_DNS_FAIL
> for its own hostname. A simple nslookup on the same machine resolves it
> perfectly, and it is also listed in /etc/hosts (with IP). Any
> ideas? It was working fine as an accelerator for just Apache before...

No idea. Which Squid version are you using, with internal or external
(dnsserver) DNS client implementation?

Henrik Nordstrom
Squid hacker
Received on Wed Mar 28 2001 - 00:45:04 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:00 MST