[squid-users] squidclient and PROXY procotol enabled http_port
Eliezer Croitoru
eliezer at ngtech.co.il
Sat Apr 14 23:13:32 UTC 2018
Would a nc(netcat) bash based script that will run this kind of request
would be good enough?
Eliezer
----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il
-----Original Message-----
From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of
Rafael Akchurin
Sent: Saturday, April 14, 2018 11:14
To: squid-users (squid-users at lists.squid-cache.org)
<squid-users at lists.squid-cache.org>
Subject: [squid-users] squidclient and PROXY procotol enabled http_port
Greetings to everyone,
I have the following deployment:
- Several Squid nodes configured with "http_port 3128
require-proxy-header"
- One haproxy what relays TCP connections to nodes
- squidclient that is run on each node manually
Browsers pointing to haproxy are correctly serviced by Squid nodes.
Everything works as expected.
But trying to run squidclient to get mgr:idns results in the following.
squidclient -v mgr:idns -h 127.0.0.1 -p 3128
Request:
GET 3128 HTTP/1.0
User-Agent: squidclient/3.5.23
Accept: */*
Connection: close
Cache_log inidicates:
2018/04/14 10:04:38 kid1| PROXY client not permitted by ACLs from
local=[::1]:3128 remote=[::1]:38854 FD 21 flags=1
That is good and fine; but after adding 127.0.0.1 into proxy_protocol_access
directive error changes into:
2018/04/14 10:10:10 kid1| PROXY protocol error: invalid header from
local=127.0.0.1:3128 remote=127.0.0.1:36648 FD 23 flags=1
Question
------------
Is it possible to ask squidclient to prepend the PROXY header to its
request?
More information about the squid-users
mailing list