Re: [squid-users] Specifying the Source IP

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 12 Mar 2009 09:38:49 +0900

Sender: squid3_at_treenet.co.nz
Subject: Re: [squid-users] Specifying the Source IP
Message-Id: <b74f24e3ea61878d52351ef9597fbcf3.squirrel_at_webmail.treenet.co.nz>
Recipient: chris.brain_at_wanews.com.au

attached mail follows:


> Apologies in advance for what I’m sure should be an easy fix, but we’re
> trying to restrict the IP address squid listens on for our reverse proxy,
> web accelerator setup, which happens to reside on a server with 3 separate
> fixed IPs. The other two IPs are servicing two other (locally hosted)
> websites, and we just want squid to serve as a reverse proxy cache server
> for another site being hosted on a separate server. We need it to listen
> solely on the spare IP, so it doesn’t impede/redirect traffic coming in on
> the other IPs, but we’re not clear on how to specify this. Here is what I
> believe to be the relevant portion of our squid.conf:
>
> “
> http_port 80 accel defaultsite=www.website.com

To make squid *listen* on only one IP. Use:

  http_port <ip>:80 accel defaultsite=www.website.com

>
> cache_peer <XX.YY.ZZ.XX> parent 80 0 no-query originserver name=myAccel
>
> acl our_sites dstdomain www.website.com
> http_access allow our_sites
> acl all src 0.0.0.0/0.0.0.0

acl all src all

> cache_peer_access myAccel allow our_sites
> cache_peer_access myAccel deny all
> “
>
> It works with the 0.0.0.0/0.0.0.0, but issues an ‘Access Denied’ error
> whenever we try to specify the source IP within this area…
>

Depends on how you specify it. Maybe that is a separate issue.

Amos
Received on Thu Mar 12 2009 - 01:46:00 MDT

This archive was generated by hypermail 2.2.0 : Thu Mar 12 2009 - 12:00:02 MDT