[squid-users] About Squid settings How can I restrict Docker container access with Squid and refer to the host name written in /etc/hosts instead of the external DNS?

Fri Jun 23 07:45:55 UTC 2023

Hello,We become indebted to.

If anyone is familiar with setting up squid in a linux environment, please
let me know.

I want to access the URL of the actual site in the test environment that I
do not want to connect to the production environment.
Specifically, I want to be able to control it with a file like /etc/hosts.

I am building a docker container and
For access on the docker container server
I want it to be a successful move.

----
Example: AAA.optim.co.jp is actually registered in DNS, so
The IP address of the production AAA.optim.co.jp site is referenced.
Therefore, I am trying to rewrite the hosts file on the docker container
server.

### For AAA.optim.co.jp, set to refer to your own server
$ docker exec -it ci_app_1 bash
# vi /etc/hosts
172.17.0.1 AAA.optim.co.jp

However, when I actually hit the URL, I get a 503.
$ docker exec -it ci_app_1 bash
# curl -G -I "https://AAA.optim.co.jp/~"

HTTP/1.1 200 Connection established

HTTP/1.1 503 Service Unavailable
Server: nginx
Date: Tue, 23 May 2023 08:04:30 GMT
Content-Type: application/json; charset=utf-8
Status: 503 Service Unavailable
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache
X-Request-Id: c690bd75-750b-4985-937f-2ac566d3b09f
X-Runtime: 0.004765
X-Cache: MISS from ip-10-0-3-217.ap-northeast-1.compute.internal
X-Cache-Lookup: MISS from ip-10-0-3-217.ap-northeast-1.compute.internal:3128
Via: 1.1 ip-10-0-3-217.ap-northeast-1.compute.internal (squid/3.5.20)
Connection: keep-alive

If you look at the Squid logs, it goes to see the production site address
registered in DNS.
1684829160.806 135 172.17.0.2 TAG_NONE/200 0 CONNECT AAA.optim.co.jp:443 -
HIER_DIRECT/AAA.AAA.AAA.AAA -
1684829160.838 28 172.17.0.2 TCP_MISS/503 600 HEAD https://AAA.optim.co.jp/～
<https://aaa.optim.co.jp/%EF%BD%9E> -
HIER_DIRECT/AAA.AAA.AAA.AAAapplication/json

----

what i want to do

・If you want to access the https://AAA.optim.co.jp/ site via Squid, you
want to refer to /etc/hosts of your own host instead of DNS.
In short, in case of access to a specific domain, can't it be separated so
that it refers to the hosts file without using DNS?
Is it possible to divide the reference destination of name resolution for
each domain in Squid? about it.

We apologize for the inconvenience, but thank you in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20230623/63cc074b/attachment.htm>