[squid-users] Reverse proxy and TUNNEL to same cache peer
Hariharan Sethuraman
srnhari at gmail.com
Tue Aug 7 13:04:13 UTC 2018
Hi,
We have our company proxy and this is how the topology is expected to look
like for the deployment:
Client
-------------------squid-host.com---------------------------company-proxy------------Internet
Now I need to allow reverse proxy(3128) for some request from the client
and tunnel (3129) as well.
Configuration:
http_port 3128 accel allow-direct
http_port 3129
never_direct allow all
always_direct deny all
...
cache_peer company-proxy parent 80 0 no-query no-digest login=PASS
originserver
url_rewrite_access allow all
url_rewrite_program /usr/bin/python ./rewriter_program.py
Usecases:
1) Reverse proxy: Now I can successfully get the response for the query
like curl -X GET http://squid-host.com:3128/microsoftapi/api/something.
Basically I rewrite URL to https://microsft.com/api/something and through
company-proxy I get the response successfully from e.g., microsoft.com.
2) Tunnel: It fails when the client do a query like curl -x
http://squid-host.com:3129 -X GET https://googlecloudapis.com/api/something
< HTTP/1.1 503 Service Unavailable
< Server: squid/3.5.20
< Mime-Version: 1.0
< Date: Tue, 07 Aug 2018 12:36:07 GMT
< Content-Type: text/html;charset=utf-8
< Content-Length: 3879
< X-Squid-Error: ERR_CANNOT_FORWARD 0
< Vary: Accept-Language
< Content-Language: en
<
* The requested URL returned error: 503
* CONNECT phase completed!
* Connection #0 to host squidhostname.com left intact
Now, if I remove the origin server, the TUNNEL goes through and getting the
response but the reverse proxy fails.
Could you let me know how I can handle both tunneling and reverse proxy
through same cache peer?
Thanks,
Hari
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180807/6370a4fb/attachment.html>
More information about the squid-users
mailing list