[squid-users] Capture incoming information from one squid to another.

Chris XMT yaemish at gmail.com
Tue Aug 30 17:32:21 UTC 2022 

I'm still not having any luck.  I'd like to just leave it open and I
understand that it could be abused.  My "CURL" results are;

curl -v --proxy http://SQUID_SERVER:3128 <http://squid_server:3128/> -I
http://www.example.com

* About to connect() to proxy SQUID_SERVER port 3128 (#0)

*   Trying xxx.xxx.xxx.xxx...

* Connected to SQUID_SERVER (xxx.xxx.xxx.xxx) port 3128 (#0)

> HEAD http://www.example.com/ HTTP/1.1

> User-Agent: curl/7.29.0

> Host: www.example.com

> Accept: */*

> Proxy-Connection: Keep-Alive

>

* Empty reply from server

* Connection #0 to host SQUID_SERVER left intact

curl: (52) Empty reply from server


This is my configuration;

dns_v4_first on

never_direct allow all

sslproxy_cert_error allow all



http_port 3128 intercept

acl all src all

http_access allow all



acl Safe_ports port 443

acl Safe_ports port 80          # http

http_access deny !Safe_ports



acl http proto http

acl port_80 port 80

acl port_443 port 443

acl CONNECT method CONNECT


debug_options ALL,1 33,2 28,9

On Wed, Aug 17, 2022 at 2:01 PM Alex Rousskov <
rousskov at measurement-factory.com> wrote:

> On 8/15/22 21:49, Marcelo wrote:
>
> > How can I transfer connection information from one squid server to
> another?
>
> Use cache_peer login=PASSTHRU or login=PASS. Other login=... options may
> also be of interest. See cache_peer documentation in your
> squid.conf.documented for details and caveats.
>
>
> HTH,
>
> Alex.
>
>
> > Example:
> >
> > An user connects to Squid One (Squid One IP 192.1.1.1) through port 4000
> > using usr/pw credentials.
> >
> > Squid One authenticates it via SQL DB. This part is already working fine.
> >
> > Squid One verifies if destination website is in dst domain list.
> >
> > If yes Squid One routes it to Route A. End of story.
> >
> > If no Squid One routes it to Squid Two.
> >
> > But Squid One must inform Squid Two who is the user and witch port he
> > asked to connect.
> >
> > Why? Because Squid Two must use this info as if the user itself is
> > connecting to Squid Two.
> > Why, again? Because Squid Two will use this info to route this user to
> > the correct route. This part is also done.
> >
> > My doubt is, is there a way to make Squid Two “thinks” that user is
> > connecting direct to Squid Two, so that, Squid Two can use user/port
> > information to route this poor little guy.
> >
> > It’s a bit hard to explain it through email.
> >
> > Best Regards.
> >
> > Marcelo.
> >
> >
> > _______________________________________________
> > squid-users mailing list
> > squid-users at lists.squid-cache.org
> > http://lists.squid-cache.org/listinfo/squid-users
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20220830/f6595eaa/attachment.htm>

More information about the squid-users mailing list