Hi,
I would bet that the internal server has a link or redirection that
includes the internal IP address.
Bilyy
> -----Original Message-----
> From: "Peņa, Botp" [mailto:botp@delmonte-phil.com]
> Sent: Sunday, March 10, 2002 11:06 PM
> To: squid-users@squid-cache.org
> Subject: [squid-users] accelerator goes internal
>
>
> Hi ALL:
>
> I am trying to accelerate an iis server. The iis is connected
> internally
> only but the squid accelerator of course has connected to
> both internal and
> external.
>
> When I browse our site (using squid ip), the first page comes
> up just fine.
> However, when I login or click on other links. I am being
> passed to the
> internal ip of the iis. I cannot access the link since the
> real ip of the
> iis is being passed now to me. I thought that squid should
> get the page fr
> iis, then i or my browser gets page fr squid.
>
> To illustrate:
>
> squid address: 202.57.100.225 external; 10.1.200.1 internal.
> iis address: 10.1.200.8 only
>
> a) I browse 202.57.100.225. First page comes up fine and
> browser address
> shows external address 202.57.100.225
> b) I login (the iis has a login page), the page and browser
> address now
> shows the internal address 10.1.200.8... which is not what i
> expected...
>
> Hints pls...
>
> Thanks
> -botp
>
> the ff three settings are the only ones i added on squid.conf:
>
> http_port 80
> httpd_accel_host 10.1.200.8
> httpd_accel_port 80
>
>
>
>
> > -----Original Message-----
> > From: Colin Campbell [mailto:sgcccdc@citec.qld.gov.au]
> > Sent: Monday, March 11, 2002 12:59 PM
> > To: Su -
> > Cc: squid-users@squid-cache.org
> > Subject: Re: [squid-users] Http access control
> >
> >
> > Hi,
> >
> > On Sun, 10 Mar 2002, Su - wrote:
> >
> > > Hi
> > > I using Squid v2.3. Now i like to control only certain
> > > PCs, eg. PC with Ip Address of 192.168.0.4 ,
> > > 192.168.0.20 are allowed to access Internet. My
> > > network IP address is from 192.168.0.1 -> 192.168.0.50
> > > , Subnet 255.255.255.0
> > >
> > > How can i do so ?
> > >
> > > I tried this way :
> > >
> > > #acl allowed_hosts src 192.168.0.0/255.255.255.0
> > > acl allowed_hosts src 192.168.0.4/255.255.255.0
> > > acl allowed_hosts src 192.168.0.20/255.255.255.0
> >
> > You have
> >
> > a) redefined allowed_hosts. The second one overrides the first.
> >
> > b) masked off the host address with the netmask.
> > (192.168.0.4/255.255.255.0 becomes 192.168.0.0, ie
> > everything). If you
> > look at your logs you'll probably see a message asying
> that's what
> > you've done.
> >
> > > But when i test , still all PCs able to do so. The
> > > result i got, is either deny all PCs, or allow all
> > > pCs.
> >
> > What you want is something like:
> >
> > acl myfriend1 src 192.168.0.4
> > acl myfriend2 src 192.168.0.20
> > acl all src 0.0.0.0/0.0.0.0
> >
> > http_access allow myfriend1
> > http_access allwo myfriend2
> > http_access deny all
> >
> > Colin
> >
>
Received on Sun Mar 10 2002 - 23:27:34 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:49 MST