Hello Henrik,
My configuration requirement is when user authenticate against domino web
server it will sent new url
http://squid.xyz.com/mail.xyz.com/mail/user.nsf back to the external user
browser. That is returned as a request to
squid.xyz.com. The trick is to get webmail use internal (private) DNS and to
make this an http request, such as http:/mail.xyz.com/mail/user.nsf. So i
used below perl script to url rewrite.
#!/usr/bin/perl -p
BEGIN { $|=1;}
while ($url = <>) {
@list = split("/", $url);
$newurl="http:/";
for($i=3;$i<@list;$i++) {
$newurl=$newurl."/".$list[$i];
}
return "$newurl";
}
but it gets into loop my access log shows
1046356085.237 2 172.16.1.111 TCP_MISS/403 1022 GET
http://squid.xyz.com/mail.xyz.com/mail/user.nsf - NONE/- -
1046356085.239 9 172.16.1.135 TCP_MISS/403 1051
Ghetto://squid.xyz.com/mail.xyz.com/mail/user.nsf - DIRECT/172.16.1.111
text/html
Here 172.16.1.111 is ip address of squid server and 172.16.1.135 is client
ip address
For testing
i used tried to browse some page directly as
http://squid.xyz.com/172.16.1.10/mail/
This should return http://172.16.1.10/mail index page but again it gives
same error.
I am not able to solve this problem. Is my perl script correct and do i need
something in squid.conf
Adv thanks and Regards,
Jack
> Seems your redirector did not rewrite the URL.
>
> Quick chec... nope. If given http://squid.xyz.com/james/ your redirector
> gives the exact same URL back..
>
> [to tired to look into your perl program to tell why, but at least you
> know where to look]
>
> Regards
> Henrik
>
>
> tor 2003-02-27 klockan 16.59 skrev Jack:
> > Hello Henrik,
> >
> > My access.log shows
> >
> > 1046356085.237 2 172.16.1.111 TCP_MISS/403 1022 GET
> > http://squid.xyz.com/james/ - NONE/- -
> > 1046356085.239 9 172.16.1.135 TCP_MISS/403 1051 GET
> > http://squid.xyz.com/james/ - DIRECT/172.16.1.111 text/html
> >
> > Here 172.16.1.111 is reverse proxy ip address(squid.xyz.com resolves to
this
> > ip address) and 172.16.1.135 is clients ip address.
> >
> > My access.log
> > 2003/02/27 19:58:05| WARNING: Forwarding loop detected for:
> > GET /james/ HTTP/1.0^M
> > Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
> > application/msword,
> > application/vnd.ms-excel, */*^M
> > Accept-Language: en-us^M
> > Accept-Encoding: gzip, deflate^M
> > User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt)^M
> > Via: 1.1 squid:80 (Squid/2.4.STABLE7)^M
> > X-Forwarded-For: 172.16.1.135^M
> > Host: squid.xyz.com^M
> > Cache-Control: max-age=259200^M
> > Connection: keep-alive^M
> >
> > My exact requirement is i want to run running reverse proxy for domino
web
> > server.
> >
> > Regards,
> > Jack
> >
> >
> >
> >
> >
> > > tor 2003-02-27 klockan 11.27 skrev Jack:
> > >
> > > > if squid receives squid.xyz.com/jack/ then it should redirect to
> > 172.16.1.10
> > > > web server and for squid.xyz.com/james it should redirect to
172.16.1.11
> > > >
> > > > So redir.pl looks like
> > > >
> > > > #!/usr/bin/perl -p
> > > > BEGIN { $|=1;}
> > > > s%http://squid.xyz.com/jack/\b%http://172.16.1.10/test/% && next;
> > > > s%http://squid.xyz.com/james/\b%http://172.16.1.11% && next;
> > > >
> > > > When i try this setup i get access denied page from squid
> > >
> > > What do you get in access.log?
> > >
> > > Anything in cache.log?
> > >
> > > > even though i set
> > > > http_access allow all
> > >
> > > don't. doing so will create an open proxy for which is is only a
matter
> > > of minutes before it gets abused by various hackers..
> > >
> > >
> > > Accelerators SHOULD ALWAYS set up access control limit which
> > > destinations is allowed to be reached.
> > >
> > > --
> > > Henrik Nordstrom <hno@squid-cache.org>
> > > MARA Systems AB, Sweden
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Everything you'll ever need on one web page
> > from News and Sport to Email and Music Charts
> > http://uk.my.yahoo.com
> --
> Henrik Nordstrom <hno@squid-cache.org>
> MARA Systems AB, Sweden
__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com
Received on Fri Feb 28 2003 - 07:38:25 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:45 MST