Re: [squid-users] question about redirect http and https request to different cache peer

From: xiaoJay <xiaojay_at_gmail.com>
Date: Wed, 30 May 2012 10:40:30 +0800

Amos Jeffries, Thanks for reply.

I am running a regular proxy.

"So often the "https://" part is never seen by Squid."
so how can i redirect http and https request to different cache peer?

now, I tried this conf: (use port 443 to distinguish http from https request )

acl ACL_HTTPS proto HTTPS
acl ACL_HTTPS2 port 443
cache_peer 127.0.0.1 parent 5000 0 name=https_peer no-query
no-netdb-exchange no-delay
cache_peer 127.0.0.1 parent 5001 0 name=http_peer no-query
no-netdb-exchange no-delay
cache_peer_access https_peer allow ACL_HTTPS2
cache_peer_access http_peer allow ACL_HTTP
never_direct allow all

which seems work fine.

and i want to confirm : "is this a valid way?"
thanks

2012/5/30 Amos Jeffries <squid3_at_treenet.co.nz>:
> On 30.05.2012 14:10, xiaoJay wrote:
>>
>> Hello :
>>
>> My squid version is 2.7.
>> I have 2 cache peer,  and want to redirect http and https request to
>> different cache peer.
>>
>> Here is my conf:
>>
>> acl ACL_HTTPS proto HTTPS
>> acl ACL_HTTP proto HTTP
>> cache_peer 127.0.0.1 parent 5000 0 name=https_peer no-query
>> no-netdb-exchange no-delay
>> cache_peer 127.0.0.1 parent 5001 0 name=http_peer no-query
>> no-netdb-exchange no-delay
>> cache_peer_access https_peer allow ACL_HTTPS
>> cache_peer_access http_peer allow ACL_HTTP
>> never_direct allow all
>>
>> However,  http request is successfully redirected to
>> http_peer(127.0.0.1:5001) but https request is not working as expected
>> so, what is wrong?
>
>
> Are you running a regular proxy, interception proxy, or reverse-proxy? ie
> what are your http_port line(s)?
>
> It is rare to find a browser willing to send https:// URLs to a proxy. They
> all insist on using blind CONNECT tunnels over regular HTTP instead. So
> often the "https://" part is never seen by Squid.
>
> Amos
>
Received on Wed May 30 2012 - 02:40:37 MDT

This archive was generated by hypermail 2.2.0 : Wed May 30 2012 - 12:00:06 MDT