[squid-users] Reverse proxy and TUNNEL to same cache peer

Amos Jeffries squid3 at treenet.co.nz
Tue Aug 7 16:30:06 UTC 2018


On 08/08/18 04:01, Hariharan Sethuraman wrote:
> Thanks Amos: yes agree that I should have told forward proxy.
> 
> When I remove the originserver option from cache_peer, the forward proxy
> is working so which means the rewriter is not precluding from happening.
> Does that give any clue to us? 
> 

Ah, cant believe I missed that. If the parent proxy is your access to
the Internet then is *not* a reverse-proxy. It cannot be and receive
proxy<->proxy traffic.

Any attempt to change the scheme is erased because the scheme is not
part of origin-form message syntax.


> Moreover the reverse proxy is in next hop to the client and not in
> internet. Time being, we are ok to have insecure channel between client
> and squid. Do you have any sample config that that uses a parent proxy
> to do both forward/reverse proxy? Or do you see my config is good enough
> for this requirement.
> 

The traffic types have different syntax. It is possible to have a parent
proxy which receives both, but that has to be different ports and
different cache_peer links between them.

Amos


More information about the squid-users mailing list