RE: [squid-users] Squid Server Accelerator + iptables

I would like to clarify what you are asking.

I believe you would like to set up your iptables (on your squid box?) to
take all incoming requests from the Internet for your web server. Squid
would listen for requests from the Internet on port 80, and check its local
cache to see if there's a copy of the requested file.

If not, squid would forward the request to your web server's port 80.
(example 192.168.1.123:80).

Is that correct?

If so, and your iptables firewall is set up on "box A", you need to allow
connections in and out from your Web server's internal IP address. You also
need to allow forwarding connections form the Internet to the web server and
from Box A to the web server.

HTH

-----Original Message-----
From: Jim Matthews [mailto:jim.matthews@notes.duke.edu]
Sent: June 30, 2004 11:45 AM
To: squid-users@squid-cache.org
Subject: RE: [squid-users] Squid Server Accelerator + iptables

Hi

We are using Squid in accelerator mode to lessen the load on our backend
web server. Here's the scenario:

--Box A is Squid
--Box B is Web Server

On Box A, I need to allow outside access to port 80 (configured for
Squid). Since Box A and Box B are talking to one another "behind the
scenes", how do I need to setup the rules to allow them to communicate?

On Box B, I would imagine I just need to configure the machine to listen
to requests on port 80 only from Box A. Does that seem correct?

Any help would be greatly appreciated.

Thanks.
---------------------
Jim Matthews
ISS Systems Administrator
Duke University - Perkins Library
Box 90196
Durham, NC 27708
Email: jim.matthews@duke.edu
Voice: 919-660-5963
Fax: 919-684-6990
Received on Wed Jun 30 2004 - 12:14:45 MDT