On 13/01/2012 4:03 p.m., Xizhen Du wrote:
> Hi all,
>
> I am quite new for squid, and now facing a case and no idea how to get it work.
>
> There's 2 proxies:
>
> Proxy A: nearly a default setup, just configured cache_peer to B
> Proxy B: as the parent for A, accepts the requests from A
>
> So the simple picture is that: Web clients ----> A ----> B, and it is
> supposed that all web requests(http, https) are leaving from B to the
> destionation servers.
> Web browser on clients is with proxy A(for all protocals in settings
> including https)
>
> Right now seeing all "http" request are forwarded to B as expected,
> but those "https" are reaching outside from A directly, not over B.
>
> Any idea is appreciated, Thanks a lot!
HTTPS is usually passed over HTTP in the form of CONNECT requests
establishing a tunnel. It is far more efficient for Squid to simply open
the tunnel and relay teh data down it than to relay both the tunenl and
data inside via a peer. This is why it "reaches outside from A directly".
You can use "nonhierarchical_direct off" to make these tunnels and a few
otehr requets go through the peer.
Amos
Received on Sat Jan 14 2012 - 06:03:41 MST
This archive was generated by hypermail 2.2.0 : Mon Jan 16 2012 - 12:00:02 MST