Re: [squid-users] whitelisted IP problem

From: Vijay S <vijay_at_reactmedia.com>
Date: Tue, 20 Mar 2012 04:06:47 +0530

Sorry, I cannot share the URL, and hence I'm replacing the feed with
http://feeds.example.com/newsfeeds.xml

On Tue, Mar 20, 2012 at 1:37 AM, Eliezer Croitoru <eliezer_at_ngtech.co.il> wrote:
> On 19/03/2012 18:58, Vijay S wrote:
>>
>> Hi
>>
>> I have my server box hosting Apache and Squid on a CentOS machine.
>> When I send my request for clients feeds it works, as they have
>> whitelisted my IP address, and when I make the call via Squid it gives
>> me invalid IP. I checked the access log for more information and found
>> out that instead of sending my IP address it's sending the localhost IP
>> address (127.0.0.1).
>
> I'm still trying to understand your network infrastructure.
> You have one Apache server that also hosts Squid?
Yes

> Can you give the logs output?
1332194292.909 1 192.168.1.10 TCP_DENIED/403 3480 CONNECT feeds.example.com:80 - NONE/- text/html
1332194335.536 1 192.168.1.10 TCP_DENIED/403 3480 CONNECT feeds.example.com:80 - NONE/- text/html
1332194399.852 1 192.168.1.10 TCP_DENIED/403 3480 CONNECT feeds.example.com:80 - NONE/- text/html

> What is the /etc/hosts content?
122.166.1.184 localhost
122.166.1.184 reactmedia.com
122.166.1.184 rm117

> By clients you mean your clients of Squid?
There is no Squid; I'm accessing a feeds URL
http://feeds.example.com/newsfeeds.xml

> What do you mean by whitelisted your IP address?
Only requests from my IP can access this feed, which they have
configured. It opens when I access it from the browser, but when I call it
from Squid using PHP curl, it does not work.

> Is the Apache server listening on port 80?
Yes

> Can you access it directly by IP + port 80? (no proxy)
yes

> And with the proxy it's not working?
True

> If it's so, then try to change the hosts file with the hostname in it to
> external_ip www.hostname.domain
It's not a domain-to-IP mapping issue. When my request is sent, it's
sent as 192.168.1.10 instead of 122.166.1.184, and hence the client URL
is blocking me, considering that the IP is not listed in their
whitelisted IPs opened for me to access.

>
> Regards,
> Eliezer
>
>
>> I googled a little and found that using the tcp_outgoing_address directive
>> I can control the outgoing IP address, and to my bad luck this didn't
>> work.
>>
>> My configuration file is as follows
>>
>> acl all src all
>> acl manager proto cache_object
>> acl localhost src 127.0.0.1/255.255.255.255
>> acl to_localhost dst 127.0.0.0/32
>> acl SSL_ports port 443
>> acl Safe_ports port 80          # http
>> acl Safe_ports port 21          # ftp
>> acl Safe_ports port 443         # https
>> acl Safe_ports port 70          # gopher
>> acl Safe_ports port 210         # wais
>> acl Safe_ports port 1025-65535  # unregistered ports
>> acl Safe_ports port 280         # http-mgmt
>> acl Safe_ports port 488         # gss-http
>> acl Safe_ports port 591         # filemaker
>> acl Safe_ports port 777         # multiling http
>> acl CONNECT method CONNECT
>>
>> http_access allow manager localhost
>> http_access deny manager
>> http_access deny !Safe_ports
>> http_access deny CONNECT !SSL_ports
>>
>> http_access allow localhost
>> http_access deny all
>>
>> icp_access allow all
>>
>> http_port 3128
>>
>> visible_hostname loclahost
>> debug_options ALL,1 33,2 28,9
>> tcp_outgoing_address 122.166.1.184
>>
>> Can somebody help me with the configuration for my servers? It will be
>> of great help.
>>
>> Thanks & Regards
>> Vijay
>
>
>
>
> --
> Eliezer Croitoru
> https://www1.ngtech.co.il
> IT consulting for Nonprofit organizations
> elilezer<at>  ngtech.co.il
>
Received on Mon Mar 19 2012 - 22:36:55 MDT
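
Added example, not part of the original message and not Squid's own code: a small Python model of the `http_access` rules from the posted squid.conf, run against the posted access.log lines, to show which rule produces the TCP_DENIED/403 and whether any upstream connection was attempted. The function names are hypothetical, and skipping the two `manager` rules is a simplifying assumption of this sketch.

```python
# Constructed model of the posted squid.conf; not Squid's own code.
SAFE_PORTS = {80, 21, 443, 70, 210, 280, 488, 591, 777} | set(range(1025, 65536))
SSL_PORTS = {443}

# Access-log lines from the message (mail line wraps joined).
LOG = """\
1332194292.909 1 192.168.1.10 TCP_DENIED/403 3480 CONNECT feeds.example.com:80 - NONE/- text/html
1332194335.536 1 192.168.1.10 TCP_DENIED/403 3480 CONNECT feeds.example.com:80 - NONE/- text/html
1332194399.852 1 192.168.1.10 TCP_DENIED/403 3480 CONNECT feeds.example.com:80 - NONE/- text/html
"""

def parse_line(line):
    """Split one native-format access.log line into the fields used here."""
    f = line.split()
    host, _, port = f[6].rpartition(":")   # CONNECT targets are host:port
    return {"client": f[2], "result": f[3], "method": f[5],
            "host": host, "port": int(port), "hierarchy": f[8]}

def deciding_rule(client, method, port):
    """Return (action, rule) for the first http_access line that matches.

    Assumption: the two 'manager' rules are skipped, since they only
    match cache_object:// requests.
    """
    rules = [
        ("deny",  "http_access deny !Safe_ports", port not in SAFE_PORTS),
        ("deny",  "http_access deny CONNECT !SSL_ports",
         method == "CONNECT" and port not in SSL_PORTS),
        ("allow", "http_access allow localhost", client == "127.0.0.1"),
        ("deny",  "http_access deny all", True),
    ]
    for action, rule, matched in rules:
        if matched:
            return action, rule

def explain(line):
    """Return (client, action, rule, went_upstream) for one log line."""
    e = parse_line(line)
    action, rule = deciding_rule(e["client"], e["method"], e["port"])
    # NONE/- means no origin or peer server was contacted for this request.
    went_upstream = not e["hierarchy"].startswith("NONE")
    return e["client"], action, rule, went_upstream

if __name__ == "__main__":
    for line in LOG.splitlines():
        print(explain(line))
```

For the three logged requests the first matching rule is `http_access deny CONNECT !SSL_ports`, and the `NONE/-` field shows the request never left Squid, so `tcp_outgoing_address` was not exercised for them.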
