On 10/16/07, Amos Jeffries <squid3@treenet.co.nz> wrote:
> Indunil Jayasooriya wrote:
> > Hi ,
> >
> > I want to know that is it possible for a single Squid server to serve
> > both as a transeparent INTERCEPTING proxy and a reverse proxy
> > simultaneously ?
>
> Yes. I have all three modes operating here at present. Interceptiong,
> forward, and accelerator/reverse.
>
> Just segregate your squid.conf so you can tell the accelerator-specific
> configuration apart from the general and you'll be fine.
>
Pls see below for CURRENT squid.conf file.
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
to setup reverse proxy on squid 2.5 , http_port should be changed to
80, shouldn't it?
then, what will happen to port 3128 that is used for transpaenrt purpose.
I think I need something like this for reverse proxy.
http_port 80 # Port of Squid proxy
httpd_accel_host 172.16.1.115 # IP address of real web server @ DMZ ZONE
httpd_accel_port 80 # Port of real web server @ DMZ ZONE
httpd_accel_single_host on # Forward uncached requests to single host
httpd_accel_with_proxy on
httpd_accel_uses_host_header off
Now, How should I include the above reverse proxy section by keeping
transeparent proxy section in squid.conf
Should I have to include both sections? then HOW?
pls read below too.
I am ruunnig itables on the SAME BOX. I have added below rules for squid.
#Redirecting traffic destined to port 80 to port 3128
iptables -t nat -A PREROUTING -p tcp -i eth2 --dport 80 -j REDIRECT
--to-port 3128
#For squid traffic to Accept
iptables -A INPUT -i eth2 -d 192.168.101.254 -p tcp -s
192.168.101.0/24 --dport 3128 -j ACCEPT
Evrything works fine.
HOPE to hear from you.
> Amos
>
-- Thank you Indunil JayasooriyaReceived on Tue Oct 16 2007 - 03:06:06 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:01 MDT