RE: FW: [squid-users] Reverse Proxy Multiple IP Addresses

Do you get the 403 from Squid or from the web server?
How have you set up the acl's and http_access directives?

Try changing the URL rewrite to

s@http://www.yourdomain.com/site1@http://nameoftheserver1/@i

and add to your /etc/hosts

ip-of-real-server1 nameoftheserver1

Your acl's could be for example:

acl realservers dst ip-of-realserver1 ip-of-realserver2 ...
http_access allow realservers
http_access deny all

Regards,

Tuukka

> -----Original Message-----
> From: Oleksii Krykun [mailto:okg@ua.fm]
> Sent: Tuesday, September 13, 2005 12:21 PM
> To: Laurikainen, Tuukka; Squid Users
> Subject: Re: FW: [squid-users] Reverse Proxy Multiple IP Addresses
>
> I did this.
> But I use
>
> s@http://www.yourdomain.com/site1@http://10.x.x./@i
>
> It works perfectly for internal requests. But if I try from outside I get
> 403
> error.
> Appropriate strings from squid.conf are
> http_port 80
> httpd_accel_host virtual
> httpd_accel_port 80
> httpd_accel_with_proxy on
>
> Where is my mistake?
>
> On Wed, 31 Aug 2005 22:34:04 +0200
> "Laurikainen, Tuukka" <t.laurikainen@ibermatica.com> wrote:
> > Hi,
> >
> > You could also do this with just one squid instance listening on just
> > one
> > IP address.
> >
> > Let's say that your domain is www.yourdomain.com.
> > On your firewall you route the traffic coming to the public IP that
> > corresponds to
> > your domin to the IP of your squid box (which is listening on port 80).
> > By using a redirector you can separate the three servers;
> >
> > www.yourdomain.com/site1 would be the 172.16.0.2:80 and we call it
> > server1
> > www.yourdomain.com/site2 would be the 172.16.0.3:80 and we call it
> > server2
> > www.yourdomain.com/site3 would be the 172.16.0.4:80 and we call it
> > server3
> >
> > So in your redirector you configure something like (this is the format
> > SquidGuard uses):
> >
> > s@http://www.yourdomain.com/site1@http://server1:80@i
> > s@http://www.yourdomain.com/site2@http://server2:80@i
> > s@http://www.yourdomain.com/site3@http://server3:80@i
> >
> > As you can see, the www.yourdomain.com/site# transforms to server#.
> > You have to have corresponding entries in your /etc/host for your
> > servers.
> >
> > If you need more help setting up something like this, don't hesitate to
> > ask.
> >
> > Kind regards,
> >
> > Tuukka
> >
> >> -----Original Message-----
> >> From: Brad Taylor [mailto:btaylor@Autotask.com]
> >> Sent: Wed 8/31/2005 6:30 PM
> >> To: Squid Users
> >> Subject: RE: [squid-users] Reverse Proxy Multiple IP Addresses
> >>
> >> Thanks.
> >>
> >> I'm replying so this gets put in the archives.
> >>
> >> I think you also need to add something about the PID in the conf file
> > so
> >> squid will run under a different PID #
> >>
> >> -----Original Message-----
> >> From: Jerry Thomas [mailto:thomasj@scoregroup.com]
> >> Sent: Wednesday, August 24, 2005 12:17 PM
> >> To: Brad Taylor
> >> Subject: Re: [squid-users] Reverse Proxy Multiple IP Addresses
> >>
> >> Hi,
> >>
> >> Reassign the ips of the real servers.
> >>
> >> Configure the squid server to listen to the 3 ips this has to be done
> > in
> >> your OS.
> >>
> >> If you can just set http_port to 80 squid will listen and answer all
> >> requests on all interfaces/ips.
> >>
> >> if not set http_port like so:
> >>
> >> http_port 172.16.0.2:80 172.16.0.3:80 172.16.0.4:80
> >>
> >> If the squid is set up correctly and you don't have too many dynamic
> >> objects one dedicated squid and one dedicated apache will handle the
> >> load fine.
> >>
> >> If not you will need to set up 3 dns records for all the accelerated
> >> servers and use round robin LB.
> >>
> >> like so:
> >>
> >> accelhost 172.16.0.5
> >> accelhost 172.16.0.6
> >> accelhost 172.16.0.7
> >>
> >> then set
> >>
> >> httpd_accel_host accelhost
> >>
> >> I had some issues with the round robin LB but I was trying o do it
> > with
> >> the hosts file so you should look into this.
> >>
> >> Good Luck,
> >> Jerry
> >>
> >> On Wed, 2005-08-24 at 11:05 -0400, Brad Taylor wrote:
> >> > I'd like to know how to reverse proxy multiple IP addresses or run
> >> > multiple squids on one box to do this. They are not different
> > domains
> >> so
> >> > I can't use host headers. Basically I'd like Squid to accept http
> >> > requests on 3 different IP addresses and proxy for 3 different IP
> >> > addresses (3 real servers). The 3 real servers have the same content
> >> so
> >> > I would like to not have to have 3 separate squid boxes.
> >> >
> >> > Can Squid do this, I'm not able to find it anywhere in the FAQ or
> > the
> >> > Squid book. Thanks your any help.
> >> >
> >> --
> >> Jerry Thomas thomasj@scoregroup.com
> >> I.T. Director ph. 305-662-5959 ext. 242
> >> The SCORE Group fax 305-662-8922
> >>
> >
>
> ----
> А вы в курсе как заработать на курсе?
> FOREX. Дилинговый центр АКБ "Укрсоцбанк".
> Работает круглосуточно.
> Лиц НБУ N5 от 29.12.2001.
> http://forex.ukrsotsbank.com/?ito=873&itc=8
Received on Tue Sep 13 2005 - 05:04:45 MDT