Re: [squid-users] Reverse proxy question

Personally, I'd use a proxy configuration script that exempts internal
requests from being proxied.
Then set your clients up to use the script.

Not that I'm not suggesting the use of WPAD. IE and firefox/mozilla, for
example, have an option in their network settings to
use an automatic proxy configuration script. The script uses javascript
to define where/how requests should be handled.

The squid faq has several links on where to get instructions on how to
create autoconfiguration scripts.

I find the script to be good practice because you can adjust changes to
the proxy simply my updating one script.

It will most likely work around your 403 error, as well.

Tim Rainier
Information Services, Kalsec, INC
trainier@kalsec.com



"Oleksii Krykun" <okg@ua.fm>
09/15/2005 09:34 AM

To
squid-users@squid-cache.org
cc

Subject
[squid-users] Reverse proxy question






I have WWW server www.myserver on Apache with some links to internal
servers
as

http://mywwwserver/link1
http://mywwwserver/link2
http://mywwwserver/link3

On apache I rewrite:

RewriteEngine on
RewriteRule ^/link1(.*) http://myproxyserver/link1$1 [P]
RewriteRule ^/link2(.*) http://myproxyserver/link2$1 [P]
RewriteRule ^/link3(.*) http://myproxyserver/link3$1 [P]

I used MS Proxy 2.0 as myproxyserver before.
On my proxyserver following rules were applied:

http://myproxyserver/link1 -> http://10.1.1.1/dir1
http://myproxyserver/link2 -> http://10.1.1.1/dir2
http://myproxyserver/link3 -> http://10.1.1.2/

All works fine.

Now I change MS Proxy with Squid+SquidGuard.
In squid.conf I use:
http_port=80
httpd_accel_host mynewproxy
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

mywwwserver is allowed by acl settings.

Rewrite rules from squidGuard.conf are following:

s@http://mynewproxy/link1@http://10.1.1.1/dir1/@i
s@http://mynewproxy/link2@http://10.1.1.1/dir2/@i
s@http://mynewproxy/link3@http://10.1.1.2/@i

All works for outside requests but for internal users request to e.g.
http://mywwwserver/link1/file.html gives me 403 error.

Where I am wrong?

Thanks,
Oleksii
----
А вы в курсе как заработать на курсе?
FOREX. Дилинговый центр АКБ "Укрсоцбанк".
Работает круглосуточно.
Лиц НБУ N5 от 29.12.2001.
http://forex.ukrsotsbank.com/?ito=873&itc=8


Received on Thu Sep 15 2005 - 08:27:00 MDT