[squid-users] Configuring squid reverse proxy

[Antony Stone]

On Wednesday 12 August 2015 at 14:38:55, joseph jose wrote:

> Hi,
> 
> I have set up squid in reverse proxy mode to cache an apache webserver
> hosted in linux vm.
> 
> IP of my squid reverse proxy is 10.0.0.1 and 10.0.0.2 is the ip of
> webserver which is also a linux vm

Your squid server has only one interface and IP address?

> my config is as follows
> 
> #acl squidallow dstdomain testsquid.com
> #
> #
> #http_port 10.0.0.1:80 accel defaultsite=testsquid.com
> #
> #
> #cache_peer 10.0.0.2 parent 80 0 no-query originserver name=squidtest
> #cache_peer_access squidtest allow allowsquid

I sincerely hope you don't mean that these directives are all commented out, 
thus not having any effect?

Even if they're not commented out, do you see the discrepancy between 
"squidallow" in the first line and "allowsquid" in the last?

> In the squid proxy machine i have edited the host file and set
> testsquid.com 10.0.0.1 (which is the ip of proxy machine itself), as proxy
> is configured in reverse mode, it is supposed to serve the static page
> from webserver (10.0.0.2).

What's more important than /etc/hosts on the squid server is what machine you 
are running the browser on, and what does *that* machine resolve testsquid.com 
to?

> But when i open browser and search for testsquid.com, squid is logging
> request but returning a TCP_DENIED/403 status.

Sounds like the browser is successfully seeing testsquid.com as 10.0.0.1, 
then, however you should be careful about trying to run tests like this on too 
few machines - you should have the browser on one machine, squid on a second, 
and the web server on a third (no matter whether any of these are real 
machines or VMs).


Regards,


Antony.

-- 
Users don't know what they want until they see what they get.

                                                   Please reply to the list;
                                                         please *don't* CC me.