Re: [squid-users] Complex reverse proxy issues

To run multiple instances of squid on one server simply run squid -f
/path_to_squid.conf. Configure each squid.conf to listen on a different IP
address. Virtual hosting may be an option but with using SSL I'm not sure
that you can. I'm also having some difficulty setting up squid to use 1 ip
address for multiple websites due to the need for SSL.

Hope this helps.
----- Original Message -----
From: <jbeadles@pobox.com>
To: <squid-users@squid-cache.org>
Sent: Thursday, June 24, 2004 8:46 AM
Subject: [squid-users] Complex reverse proxy issues

>
> I'm a total newbie to squid, and am having to relearn Unix for this
> project. Reading through the msgs on this list, I've run into a road
> block while planning my squid implementation. I have a fairly complex
> problem with a reverse proxy application. I need to set up a reverse
> proxy system that allows users in our network to see http servers in
> other networks across the public internet. Initially this does not
> seem to be so complex, and in fact I have some parts of this working.
> Details of the implementation are as follows:
>
> Users will need reverse proxy access to many http servers, most on
> port 80, some on port 8080 - Users of the system do not need
> encryption (no SSL for the clients) - The origin http servers will be
> on private networks across the public internet - The many, different
> owners of the origin servers will insist on encrypting the traffic
> between the reverse proxy and the origin http servers - The many
> different owners may insist on different types of encryption (some
> may accept SSL, others may require SSH or other) - It would be
> preferable to give each owner their own SSL cert if required
>
> In short, it would look like this:
>
> user(80) <---> (squid)(80) <-- (SSL) ----------> (www1)
> (8080) <-- (SSL) ----------> (www2)
> (80) <-- (SSH(http)) ---> (www3)
> (8080) <-- (SSH(http)) ---> (www4)
>
> Currently, I have made squid work as a reverse proxy to many hosts
> with some running on either port by using a perl redirector script.
> But I can't see any way to accomplish this with one Squid instance.
> Given that all outbound squid connections may need separate SSL certs
> and some outbound connections will need SSH or other protocols, it's
> looking like I will be better off just having a separate Squid
> instance, each with its' own squid.conf, for each outbound
> connection. I'm assuming that I would have to give each instance
> its' own IP, but I can do that.
>
> Comments, corrections? I have no idea how I would run multiple
> instances of Squid on a server, each with a different squid.conf. Any
> comments?
>
>
>
>
Received on Thu Jun 24 2004 - 06:58:47 MDT