I have a general purpose box that acts as a caching firewall for a small
LAN, and also it reverse proxies (httpd accel) for apache on the
localhost to the web.
I don not use transparent, users load a proxy.pac file.
In 2.5 my config was:
acl accel_host dst 127.0.0.1/32 an.ip.address/32
acl accel_port port 80
http_access deny to_localhost
acl our_networks src 192.168.6.0/24 a.network.address/29 127.0.0.1/32
http_access allow our_networks
http_access deny !accel_port
acl local-servers dstdomain .example.org
http_access allow local-servers
httpd_accel_host 127.0.0.1
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
forwarded_for off
In 2.6, I can get outbound caching working for the LAN with:
allow_underscore off
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl accel_host dst 127.0.0.1/32 an.ip.address/32
acl accel_port port 80
http_access deny to_localhost
acl our_networks src 192.168.6.0/24 a.network.address/29 127.0.0.1/32
http_access allow our_networks
http_access deny !accel_port
acl local-servers dstdomain .example.org
http_access allow local-servers
forwarded_for off
And can get inbound requests from the Internet working with the above
plus, but it kills local outbound access as all requests are sent to apache:
http_port 3128 vhost (packet filter redirect)
cache_peer 127.0.0.1 parent 80 0 no-query originserver
I've followed various suggestions on
http://wiki.squid-cache.org/SquidFaq/ReverseProxy but these seem to be
for use with squid hosts that only work in 1 direction.
Any ideas?
Ta,
-- CraigReceived on Tue Sep 18 2007 - 09:12:24 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:02 MDT