Re: [squid-users] Question about ACLs and http_access in Squid 3

Tom Williams wrote:
> Ok, now that I've basically got Squid 3 configured as a HTTP
> accelerator, I have a question about ACL rules and http_access.
>
> Here is the basic config: I've got two web servers behind a load
> balancer. The idea is to have Squid server as a HTTP accelerator for
> Apache so it will cache static content (like global site graphics, etc)
> leaving Apache to deal with traffic that requires database access.
>
> Here are my configuration lines:
>
> acl directIP dst aaa.bbb.ccc.ddd/32
> acl website dstdomain .mydomain.com
>
> #Recommended minimum configuration:
> #
> # Only allow cachemgr access from localhost
> http_access allow manager localhost
> http_access deny manager
> # Deny requests to unknown ports
> http_access deny !Safe_ports
> # Deny CONNECT to other than SSL ports
> http_access deny CONNECT !SSL_ports
> #
> # We strongly recommend the following be uncommented to protect innocent
> # web applications running on the proxy server who think the only
> # one who can access services on "localhost" is a local user
> http_access deny to_localhost
> #
> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
>
> # Example rule allowing access from your local networks.
> # Adapt localnet in the ACL section to list your (internal) IP networks
> # from where browsing should be allowed
> http_access allow localnet
> http_access allow directIP
> http_access allow website
>
> # And finally deny all other access to this proxy
> http_access deny all
>
>
> Now, when I point my browser at:
>
> http://aaa.bbb.ccc.ddd/
>
> I get an access denied 403 error page from Squid.
>
> If I point my browser at:
>
> http://www.mydomain.com/
>
> It works just fine. www.mydomain.com resolves to the aaa.bbb.ccc.ddd.
> IP address.
>
> Why does the domain work yet the IP doesn't? What am I missing?
>

All of the actual acceleration bits :)
   http://wiki.squid-cache.org/SquidFaq/ReverseProxy

Amos

-- 
Please use Squid 2.7.STABLE4 or 3.0.STABLE9