Re: [squid-users] How to use accelerating proxies correctly?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 25 Aug 2004 19:59:55 +0200 (CEST)

On Wed, 25 Aug 2004, André Füchsel wrote:

> There is no public domain name, since squid is placed in DMZ and the JBoss
> server is placed behind a firewall in the user LAN. It can only be reached by
> using IP-Addresses. Why is it bad to use IP-Addresses? Should be transparent,
> shouldn't it? But I can of course place the IP in /etc/hosts...

So your users are supposed to enter the IP address in their browsers?

Yes, the actual IP of the server needs to go into /etc/hosts.

> But the problem with the port still remains. I cannot use port 80, so I must
> use a different port internally (8100).

Then you need to fix the server to think it is using port 80 while
listening for requests on port 8100, or take great care to make sure the
server never ever makes use of the port number when constructing URLs sent
to the client.

This means

   - No redirects (3xx responses)

   - No HTML code where the application renders absolute URLs

   - No other assumptions about absolute URLs in the application.

> I thought squid can be configured pretty much the same way like Apache's
> mod_proxy module. Here you can configure very easily what I want:
>
> ProxyRequests Off
> <Proxy *>
> Order deny,allow
> Allow from all
> </Proxy>
>
> ProxyPass /myapp http://10.0.10.102:8100/myapp
> ProxyPassReverse /myapp http://10.0.10.102:8100/myapp

Squid does not have a equivalence ProxyPassReverse, and even if it had
this also only solves one small facet of the problem at hand.

> Any hints would be very much appreciated, I am out of options now. I rewally
> don't know, what to do now.

I would probably agree here.. you seem to be stuck with an environment
inherently unfriendly to what you are trying to accomplish, making things
several orders of magnitude more complext than they need to be.

Regards
Henrik
Received on Wed Aug 25 2004 - 12:00:01 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:02 MDT