[squid-users] Re: re[squid-users] verse proxy headache

From: Visolve Squid <squid@dont-contact.us>
Date: Wed, 13 Feb 2008 19:17:07 +0530

Hello,

Squid latest version is squid-2.6STABLE18. You can configure the reverse
proxy easily with squid-2.6.

Reverse proxy configuration in squid-2.5 :
http_port 80 # Port of Squid proxy
httpd_accel_host 172.16.1.115 # IP address of web server
httpd_accel_port 80 # Port of web server
httpd_accel_single_host on # Forward uncached requests to single host
httpd_accel_with_proxy on
httpd_accel_uses_host_header off

For more details visit at
http://www.visolve.com/squid/whitepapers/reverseproxy.php#What_is_Reverse_Proxy_Cache

Reverse proxy configuration in squid-2.6 :
http_port 80 vhost
cache_peer <webserver ip > parent <webserver port> 0 no-query originserver

Example:
http_port 80 vhost
cache_peer proxy.nour.net.sa parent 8080 0 no-query originserver

For more Details: http://www.visolve.com/squid/squid26/contents.php

Thanks,
-Visolve Squid Team
www.visolve.com/squid/

dirtybugg wrote:
> Hi please help me i am new to squid, i have squid 2.5 my squid.conf is below
> please help.... i am not able to brows our internet
>
> #Default:
> # http_port 3128
> http_port 8080
>
> #Default:
> # none
> #cache_peer proxy.saudi.net.sa parent 8080 3130 default no-query
> #cache_peer 62.149.115.12 parent 8080 3130 default no-query
> cache_peer proxy.nour.net.sa parent 8080 3130 default no-query
>
> #Default:
> # cache_dir ufs /var/spool/squid 100 16 256
> cache_dir ufs /cache1 8000 16 256
> cache_dir ufs /cache2 8000 16 256
>
> #Default:
> # cache_access_log /var/log/squid/access.log
> cache_access_log /var/log/squid/access.log
>
> #Default:
> # pid_filename /var/run/squid.pid
> pid_filename /var/run/squid.pid
>
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
> auth_param basic casesensitive off
>
> #Recommended minimum configuration:
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
>
> acl snmpsaudiedi snmp_community rtgg0v1
>
> #Recommended minimum configuration:
> #
> # Only allow cachemgr access from localhost
> http_access allow manager localhost
> http_access deny manager
> # Deny requests to unknown ports
> http_access deny !Safe_ports
> # Deny CONNECT to other than SSL ports
> http_access deny CONNECT !SSL_ports
> #
> # We strongly recommend the following be uncommented to protect innocent
> # web applications running on the proxy server who think the only
> # one who can access services on "localhost" is a local user
> #http_access deny to_localhost
> #
> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
>
> # Example rule allowing access from your local networks. Adapt
> # to list your (internal) IP networks from where browsing should
> # be allowed
> #acl our_networks src 192.168.1.0/24 192.168.2.0/24
> #http_access allow our_networks
> acl user_networks src 192.168.19.0/24
> acl svr_networks src 192.168.17.0/24
> acl dmz_networks src 62.149.115.128/25
>
> http_access allow user_networks
> http_access allow svr_networks
> http_access allow dmz_networks
> icp_access allow user_networks
> icp_access allow svr_networks
> icp_access allow dmz_networks
>
> # And finally deny all other access to this proxy
> http_access allow localhost
> http_access deny all
>
> #Default:
> # http_reply_access allow all
> #
> #Recommended minimum configuration:
> #
> # Insert your own rules here.
> #
> #
> # and finally allow by default
> http_reply_access allow all
>
> # TAG: icp_access
> # Allowing or Denying access to the ICP port based on defined
> # access lists
> #
> # icp_access allow|deny [!]aclname ...
> #
> # See http_access for details
> #
> #Default:
> # icp_access deny all
> #
> #Allow ICP queries from everyone
> icp_access allow all
>
> #Default:
> # none
> visible_hostname proxy1
>
> #Example:
> # snmp_access allow snmppublic localhost
> # snmp_access deny all
> #
> #Default:
> # snmp_access deny all
> snmp_access allow snmpsaudiedi user_networks
> snmp_access deny all
>
Received on Wed Feb 13 2008 - 06:49:35 MST

This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST