Chris, that worked... well sorta.. I am seeing these messages in my
access logs and on the browser I see "Invalid Request" . Could be
missing some acl stuff ?
1163809785.556 3 10.169.155.217 TCP_DENIED/400 1638 GET
error:invalid-request - NONE/- text/html
1163809796.231 38 10.169.155.217 TCP_DENIED/400 1628 GET
error:invalid-request - NONE/- text/html
1163809809.773 40 10.169.155.217 TCP_DENIED/400 1628 GET
error:invalid-request - NONE/- text/html
1163809935.515 1 10.169.155.217 TCP_DENIED/400 1654 GET
error:invalid-request - NONE/- text/html
Thanks
Chris Robertson wrote on 11/17/2006, 3:24 PM:
> Mohan wrote:
> > Chris Robertson wrote on 11/17/2006, 2:30 PM:
> >
> > > Mohan wrote:
> > > > I am using squid 2.6 and I
> > > > need to setup transparent caching for a webserver running on a
> port
> > > > other than 80. We have a webserver running on port 2000 . I
> have spent
> > > > quite a number of hours trying to figure out in changing this
> default
> > > > setting. Is there a way to change this ?
> > > >
> > > >
> > > First off, are you really trying to do interception proxy
> > > (http://wiki.squid-cache.org/SquidFaq/InterceptionProxy, often
> mistaken
> > > for transparent proxy), or are you attempting acceleration
> > > (http://wiki.squid-cache.org/SquidFaq/ReverseProxy)?
> > >
> > > The first would likely require changes to your firewall rules. The
> > > latter would require changes to how Squid is set up. Hopefully your
> > > questions will be answered in the links provided.
> > >
> > > Chris
> > >
> >
> > Chris,
> > Thanks for responding. As you can see I am still confused
> between the
> > two. I thought in 2.6 Reverse proxy was replaced by InterceptionProxy.
> > Did I get that wrong ? I probably did!
> >
> > How are the two different ? I need to be able to install a cache proxy
> > alongside my webserver to cache some dynamilcaaly generated pages.
> Which
> > one would be the right one ?
> >
> > Again thanks for your time.
> >
> > -Mohan
> >
> >
>
> No worries.
>
> The two serve different functions. One is intended to be a "Zero Client
> Configuration" proxy (interception proxy), the other is set up as a
> buffer for a website (accelerator).
>
> From the description given, you are looking to set up an accelerator.
>
> Here are the relevant bits:
>
> http_port 2000 # Make squid listen on port 2000*
> cache_peer 1.2.3.4 parent 2000 0 no-query originserver
> acl accelerated_server dst 1.2.3.4
> ....
> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
> http_access allow accelerated_server
>
> The "INSERT YOUR OWN" line is preexisting in the default squid.conf and
> is included as a reference point of where to put the required
> http_access line. The acl must be placed before this line. Obviously,
> replace 1.2.3.4 with the real IP of your web server. I think you might
> also want to set "visible_hostname" to the address currently used to
> access your website.
>
> * Feel free to use a different http_port. I'm just using 2000 for the
> sake of continuity. I am aware of no reason Squid would be unable to
> listen on port 80, and make requests to the server on port 2000 (aside
> from
>
http://wiki.squid-cache.org/SquidFaq/ReverseProxy#head-ae649735ddf053125e55f28cec17b0dc94eb26da).
>
> For what it's worth, you could have squid listen on both port 80 and
> 2000. You might also add a defaultsite argument to the http_port (e.g.
> http_port 2000 defaultsite=www.myserver.com) for any clients that don't
> supply a Host header.
>
> Chris
>
> P.S. I do not have a Squid server set up in an accelerating capacity, so
> the above advice is based strictly on participation in the mailing list.
>
-- ------------------------------------------ Mohan Rao (650 937 3369) / mohansrao@aol.com AIM : mohansrao MBA at Santa Clara University ------------------------------------------Received on Fri Nov 17 2006 - 17:39:59 MST
This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST