Re: [squid-users] Is Squid the right tool for the job?

From: Gordon Mohr <gojomo_at_archive.org>
Date: Thu, 02 Oct 2008 17:00:57 -0700

A squid expert can say whether a squid on your 'B' machine can take a
plain HTTP request from A to B and turn it into an HTTPS request from B
to C. (I don't know, maybe.)

But I suggest you look into "SSH tunneling", and specifically the ssh
"-D" option for setting up a SOCKS proxy.

Then, if B can ssh into (a guest account on) C, it can also tunnel
connections from A. And if whatever on A is generating the message can
use a SOCKS proxy (and most HTTP libraries should be able to), you're set.

Hope this helps,

- Gordon

gms5002 wrote:
> Hello,
>
> Sorry if this is a stupid question, but I am a little out of my element
> here. Our sysadmin recently left, leaving me in charge of this project.
> Basically what we need to do is encrypt a message from our client's server
> (we cannot touch their server though) and get it over the public internet to
> our data center.
>
> [A - client server] ---unencrypted message-->[B - our server at client
> location] ----send via ssl over the public internet--->[C - our data center]
>
> Now, I am a software engineer and pretty unfamiliar with networking. It was
> suggested to me that I set up a Squid proxy on our server at the client
> location to handle the encryption and redirection. I am trying to get this
> to work unencrypted first, so I've set up 3 Ubuntu machines here in the
> office to simulate the above scenario. I've been able to access a web page
> hosted on server C from computer A. However, when I try to send a plain
> text message through a socket I get a response back indicating that the HTTP
> request is invalid (and the Squid logs show the same error). I am thinking
> that Squid may not be the right tool for this job...is there any way for
> squid to handle something like this? If not, does anyone have any
> suggestions? In a nutshell I need something that can handle 'Take all
> traffic from xxx.xxx.xxx.xxx, encrypt it, and send it to
> yyy.yyy.yyy.yyy:zzzz.' Thanks so much for your help!
Received on Fri Oct 03 2008 - 00:01:00 MDT

This archive was generated by hypermail 2.2.0 : Fri Oct 03 2008 - 12:00:01 MDT