[squid-users] reverse proxy

From: John Rooney <John.Rooney@dont-contact.us>
Date: Tue, 16 Aug 2005 15:52:31 +1200

Hi all,

Apologies for this, if it's a common question. I *have* looked in the
FAQ but haven't managed to resolve my problem.

I'm looking to reverse host a number of sites on different servers
through a singe exposed IP address. I've populated the local hosts file
(Squid 2.5 for NT)
And Squid itself is firing up. No matter what I put in the acl lists, I
keep getting a url could not be retrieved error. I'll qualify that by
saying I haven't yet put the correct config in the acl lists ;-). In the
interests of getting somewhere, I have supplied the acl portion (without
the majority of the commenting) to see if there is anything obvious.

I haven't used the http_accelerator options, should I? To me, the proxy
should function from both sides equally well, as It's only resolving
requests that will match entries in the hosts file.

Thanks
John

 #Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl int_net src 172.23.0.0/255.255.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl CONNECT method CONNECT

# TAG: http_access
#Default:
#http_access deny all
#
#Recommended minimum configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
http_access allow int_net
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

# Example rule allowing access from your local networks. Adapt
# to list your (internal) IP networks from where browsing should
# be allowed
acl our_networks src 172.23.0.0/16
http_access allow our_networks

# And finally deny all other access to this proxy
http_access deny all

# TAG: http_reply_access
#Default:
#http_reply_access allow all
#
#Recommended minimum configuration:
#
# Insert your own rules here.
http_reply_access allow our_networks
#
#
# and finally allow by default
http_reply_access allow all
Received on Mon Aug 15 2005 - 21:52:40 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:02 MDT