[squid-users] How to combine two proxies into one?
Amos Jeffries
squid3 at treenet.co.nz
Thu Feb 15 09:31:37 UTC 2018
On 15/02/18 17:00, Peng Yu wrote:
> Hi,
>
> Here are the conf files for two proxies. The first is a reverse proxy
> (proxied on server1 and server2) and the second is a forward proxy. Is
> there a way to combine the two into one (supporting both 3129 and
> 3128)? Thanks.
One Squid can accept traffic in multiple modes, just by adding the
appropriate *_port lines for each type/mode of traffic.
However, if you are talking about the same setup as your last threads
described the first proxy is *not* doing proper / normal reverse-proxy.
>From what I understand in those setups you are relying on the traffic
being warped into forward-proxy syntax by the frontend and leaving the
domain routing to the backend - which lacks the appropriate security
checks to handle reverse-proxy needs.
In regards to your posted config files. Skipping the lines which are not
actual default configuration you are left with these:
>
> $ grep -v '^#' squid.conf|grep -v '^$'
> http_port 3129
This is not a reverse-proxy. That is declared by the "accel" mode flag
being set - which is not present here.
> cache_peer server1 parent 3128 0 round-robin no-query
> cache_peer server2 parent 3128 0 round-robin no-query
> coredump_dir /usr/local/var/cache/squid
>
> $ grep -v '^#' squid.conf|grep -v '^$'
> http_port 3128
This is also not a reverse-proxy.
> coredump_dir /var/spool/squid3
> refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
To combine the above two configurations take the second one and add this
line:
http_port 3129
BUT, since neither of them was actually a reverse-proxy the answer of
how to merge a reverse-proxy and a forward-proxy would be quite different.
Amos
More information about the squid-users
mailing list