Re: [squid-users] Reverse proxy question

Direct requests works for me too. But if my LAN user browses our WWW server
(external) clicks on link related to internal he(she) gets an error 403.
On Thu, 15 Sep 2005 10:24:48 -0400
  trainier@kalsec.com wrote:
> Personally, I'd use a proxy configuration script that exempts internal
> requests from being proxied.
> Then set your clients up to use the script.
>
> Not that I'm not suggesting the use of WPAD. IE and firefox/mozilla, for
> example, have an option in their network settings to
> use an automatic proxy configuration script. The script uses javascript
> to define where/how requests should be handled.
>
> The squid faq has several links on where to get instructions on how to
> create autoconfiguration scripts.
>
> I find the script to be good practice because you can adjust changes to
> the proxy simply my updating one script.
>
> It will most likely work around your 403 error, as well.
>
> Tim Rainier
> Information Services, Kalsec, INC
> trainier@kalsec.com
>
>
>
> "Oleksii Krykun" <okg@ua.fm>
> 09/15/2005 09:34 AM
>
> To
> squid-users@squid-cache.org
> cc
>
> Subject
> [squid-users] Reverse proxy question
>
>
>
>
>
>
> I have WWW server www.myserver on Apache with some links to internal
> servers
> as
>
> http://mywwwserver/link1
> http://mywwwserver/link2
> http://mywwwserver/link3
>
> On apache I rewrite:
>
> RewriteEngine on
> RewriteRule ^/link1(.*) http://myproxyserver/link1$1 [P]
> RewriteRule ^/link2(.*) http://myproxyserver/link2$1 [P]
> RewriteRule ^/link3(.*) http://myproxyserver/link3$1 [P]
>
> I used MS Proxy 2.0 as myproxyserver before.
> On my proxyserver following rules were applied:
>
> http://myproxyserver/link1 -> http://10.1.1.1/dir1
> http://myproxyserver/link2 -> http://10.1.1.1/dir2
> http://myproxyserver/link3 -> http://10.1.1.2/
>
> All works fine.
>
> Now I change MS Proxy with Squid+SquidGuard.
> In squid.conf I use:
> http_port=80
> httpd_accel_host mynewproxy
> httpd_accel_port 80
> httpd_accel_with_proxy on
> httpd_accel_uses_host_header on
>
> mywwwserver is allowed by acl settings.
>
> Rewrite rules from squidGuard.conf are following:
>
> s@http://mynewproxy/link1@http://10.1.1.1/dir1/@i
> s@http://mynewproxy/link2@http://10.1.1.1/dir2/@i
> s@http://mynewproxy/link3@http://10.1.1.2/@i
>
> All works for outside requests but for internal users request to e.g.
> http://mywwwserver/link1/file.html gives me 403 error.
>
> Where I am wrong?
>
> Thanks,
> Oleksii
> ----
> А вы в курсе как заработать на курсе?
>FOREX. Дилинговый центр АКБ "Укрсоцбанк".
> Работает круглосуточно.
> Лиц НБУ N5 от 29.12.2001.
> http://forex.ukrsotsbank.com/?ito=873&itc=8
>
>

----
А вы в курсе как заработать на курсе?
FOREX. Дилинговый центр АКБ "Укрсоцбанк".
Работает круглосуточно.
Лиц НБУ N5 от 29.12.2001.
http://forex.ukrsotsbank.com/?ito=873&itc=8