RE: [squid-users] Proxy AND reverse proxy

OK Thanks
For simplified, i try to work with a no ssl site and if it
work i try ssl

I do this in my squid.conf :
http_port 3128 accel defaultsite=SITE
cache_peer 172.17.0.1 parent 80 0 no-query originserver

But I am a error when i try to launch squid :
FATAL: Bungled squid.conf line 332: http_port 3128 accel
defaultsite=SITE
Squid Cache (Version 2.6.STABLE5-NT): Terminated abnormally.

In resume, my squid work fine in proxy cache mode. This the conf :
http_port 3128 # for proxy cache
cache_peer localhost parent 8080 0 default no-query # for
use a proxy antivirus

auth_param basic program c:/squid/libexec/squid_ldap_auth.exe
-R -b ...... # for identified my user
auth_param basic children 5
auth_param basic realm Authentification
auth_param basic credentialsttl 30 second

acl MONRESEAU src 172.17.0.0/255.255.0.0
acl AUTHENT proxy_auth REQUIRED
...
http_access allow MONRESEAU AUTHENT
http_access deny all

In firefox, the proxy config is IP : 192.168.150.1 and port :
3128

Squid is on a server in DMZ.
I have open route and ACL in the firewall
My site in intranet http://172.17.0.1/SITE/ work fine
Now I want to access to this site on internet like this :
http://PU.BL.IC.IP/SITE/
How to do this ?
Thanks.

Jérôme

PS : sorry for my poor english... ;-)

-----Message d'origine-----
De : Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Envoyé : mercredi 30 mai 2007 20:10
À : bret.jerome
Cc : squid-users
Objet : Re: [squid-users] Proxy AND reverse proxy

ons 2007-05-30 klockan 15:58 +0200 skrev bret.jerome:

> I use squid-2.6.STABLE5-NT as a proxy for my organisation.
> There are no problem.
> Now, i want to use squid as a reverse proxy, for my website.
> The site what i want to publish is on a IIS6 and SSL.
> In the intranet, the direct connection to the site is
> https://172.17.1.1/SITE/
>
> This is my squid config :
> http_port 3128 # for the proxy cache
> httpd_accel_host 172.17.1.1 # IP address of web server
> httpd_accel_port 443 # Port of web server
httpd_accel_single_host on #
> Forward uncached requests to single host
httpd_accel_with_proxy on
> httpd_accel_uses_host_header off

The above is for Squid-2.5, and additionally won't do what you
are after.. (2.5 can't).

For Squid-2.6 see the FAQ. Much simpler, and fully capable of
doing what you are after. For https you need to use the
https_port directive, which requires a usable SSL certificate
(and key).

http://wiki.squid-cache.org/SquidFaq/ReverseProxy

Regards
Henrik

1 Go d'espace de stockage, anti-spam et anti-virus intégrés.
Received on Sat Jun 02 2007 - 07:22:20 MDT