On 24/03/2012 2:27 a.m., guest01 wrote:
>> ok, in my setup I am using the same IP with different Ports:
>>
>> http_port 10.122.125.2:3129 intercept name=transparentHTTPPort
>> https_port 10.122.125.2:3130 intercept cert=/etc/squid/squid.pem
>> name=transparentHTTPsPort
>> acl redirectbehavior myportname transparentHTTPPort
>>
>> And how would I apply the myportname-acl? (Sounds like a noob
>> question, but I could not find helpful documentation)
>>
> I am still having problems understanding what the myportname-acl is
> used for or how to use it.
The old myport and myip ACL are not very reliable. Particularly for
intercept or tproxy ports where the Squid listening/receiving ip:port is
unrelated to the packet destination ip:port.
We now have a textual label for each *_port line. By default that is the
text you entered in squid.conf as the ip:port value (exact text from
squid.conf). But can be changed to something more descriptive using the
name= option.
You can use it to reliably match all traffic arriving in a Squid
listening port regardless of type, processing path, adpatation or whatever.
>
> My Test-Squid-Server is using one IP-address with multiple ports:
> 3128 -> default forward proxy port (used by clients who know they have
> to use a proxy)
> 3129 -> HTTP intercept (dnat via Firewall)
> 3130 -> HTTPs intercept (dnat via Firewall)
>
> The problem is a HTTP-to-HTTPs-redirect, which does not work. I tried
> to google about the myportname/myip-acl but I could not find anything
> useful/working.
> Can anybody please explain how to use it, if it is possible to solve
> this problem? Thanks!
What traffic flow appears to be going on right now when it doesn't work?
and what is the desired traffic flow?
Amos
Received on Fri Mar 23 2012 - 23:10:49 MDT
This archive was generated by hypermail 2.2.0 : Sun Mar 25 2012 - 12:00:03 MDT