[squid-users] How to set up a reverse proxy using squid for a simplified scenario?

[Amos Jeffries]

On 13/02/18 00:40, Peng Yu wrote:
> It is still not difficult to completely comprehend the squid document
> to see how to modify the example at derpturkey.com for my following
> scenario.
> 
> I have a bunch of forward proxy servers whose IPs are ip1 and ip2,
> ..., ip_n (using port 3128). The reverse proxy will use the
> round-robin policy to forward each incoming request to one of these
> forward proxies.

Simply add "round-robin" option to the cache_peer lines in the
derpturkey example step #2. Otherwise do exactly as it says to do.



> 
> Do you mind giving me a minimal working configuration for my scenario?

You already have that in the derpturkey page.


> Working means that the configure must be used directly without
> modification (except domain names or IP addresses). Minimal means that
> anything not relevant to my scenario should not be included in the
> configuration.
> 
> BTW, to make sure make sure my understanding of forward proxy is
> correct, could you confirm whether the proxies here are forward
> proxies?

A forward-proxy is an HTTP proxy receiving absolute-form URLs
(<https://tools.ietf.org/html/rfc7230#section-5.3.2>) directly from clients.

A reverse-proxy is an HTTP proxy acting as surrogate for an origin
server and thus receiving origin-form URLs
(<https://tools.ietf.org/html/rfc7230#section-5.3.1>) from clients.


> 
> <elided>

A quick check of recent additions to that list shows a bunch of Apache
servers relaying traffic arbitrarily on port 80, and some Sophos AV
software running on personal computers, and some Cloud servers relayign
arbitrary traffic, and some misconfigured reverse-proxies, and some
forward-proxies, and some SOCKS proxies, and some TLS proxies, and some
broken student projects for writing proxies.

There is very much a mix of software types. It has all the appearance of
a malware bot net being sold for illegal uses. I hope you are not trying
to do such things.


Amos