[squid-users] Reverse proxy and TUNNEL to same cache peer

Amos Jeffries squid3 at treenet.co.nz
Tue Aug 7 16:30:06 UTC 2018

On 08/08/18 04:01, Hariharan Sethuraman wrote:
> Thanks Amos: yes agree that I should have told forward proxy.
> When I remove the originserver option from cache_peer, the forward proxy
> is working so which means the rewriter is not precluding from happening.
> Does that give any clue to us? 

Ah, cant believe I missed that. If the parent proxy is your access to
the Internet then is *not* a reverse-proxy. It cannot be and receive
proxy<->proxy traffic.

Any attempt to change the scheme is erased because the scheme is not
part of origin-form message syntax.

> Moreover the reverse proxy is in next hop to the client and not in
> internet. Time being, we are ok to have insecure channel between client
> and squid. Do you have any sample config that that uses a parent proxy
> to do both forward/reverse proxy? Or do you see my config is good enough
> for this requirement.

The traffic types have different syntax. It is possible to have a parent
proxy which receives both, but that has to be different ports and
different cache_peer links between them.


More information about the squid-users mailing list