[squid-users] Change url_rewrite_program problem
Hicham Berni
bernih75 at gmail.com
Tue Aug 25 13:48:50 UTC 2015
Hi Eliezer,
Thanks you for feedback,
• Squid version installed is2.6.STABLE21 and may be this version not
handling these requests correctly ?
setting for cache peer :
http_port 80 accel defaultsite=add.ptr.lu vhost
https_port 443 cert=/root/add.ptr.lu.pem key=/root/add.ptr.lu.key accel
defaultsite=add.ptr.lu vhost
cache_peer 15.40.40.47 parent 8000 0 no-query originserver
front-end-https=on name=ProdAccel
cache_peer 15.40.40.47 parent 8001 0 no-query originserver name=TestAccel
• From access logs, we do not see any TCP_DENIED log event for the '
add.ptr.lu' request.
> 2015/06/12 17:11:36| Starting Squid Cache version 2.6.STABLE21 for
i686-redhat-linux-gnu... > 2015/06/12 17:11:36| Process ID 3897 > ... >
2015/06/12 17:11:36| Accepting accelerated HTTP connections at 0.0.0.0,
port 8000, FD 18. > 2015/06/12 17:11:36| Accepting proxy HTTP connections
at 0.0.0.0, port 3128, FD 19. > 2015/06/12 17:11:36| Accepting HTTPS
connections at 0.0.0.0, port 443, FD 20. > 2015/06/12 17:11:36| Accepting
ICP messages at 0.0.0.0, port 3130, FD 21. > 2015/06/12 17:11:36| WCCP
Disabled. > 2015/06/12 17:11:36| Configuring Parent 158.64.50.47/8000/0 >
2015/06/12 17:11:36| Configuring Parent 158.64.50.47/8001/0
• Port 8000 is the port using for backend webserver
• So I try to access from external , I try https://add.ptr.lu , I
receive a issue with new url https://add.ptr.lu:8000/register
So I supposed that it cannot return with this url
2015-08-18 18:22 GMT+02:00 Eliezer Croitoru <eliezer at ngtech.co.il>:
> Well it's a bit weird since squid is capable of handling these requests
> and it should not pass a port as a part of the HTTP protocol.
>
> What settings have you tried for a cache peer?
> Have you tried matching with a domain name matching?
> Did you had the chance to get the access.log with or without the
> url_rewrite?
>
> How did you got a request with port 8000? You can always use the "port"
> acl to match it.
> If you are receiving url on port 80 you should not have any issues.
>
> If you can give me couple examples of urls which you get I might be able
> to understand a bit more.
>
> Eliezer
>
>
> On 18/08/2015 18:20, Hicham Berni wrote:
>
>> Hi Eliezer,
>>
>> I try first with cache_peer , but it was not running for this specific
>> web-server port configuration ( 8000 and error was that we received url
>> with port number),
>>
>> I noted that current configuration was using rewrite url program ( for
>> test
>> with port number 8001) and I supposed that it could be same problem by
>> using port 8000 instead 80 ( webdesign don't want to change port number)
>>
>> When i tried with rewrite url program , it ran but just for production
>> url and not test url.
>>
>> 2015-08-18 16:46 GMT+02:00 Eliezer Croitoru <eliezer at ngtech.co.il>:
>>
>> Hey Berni,
>>>
>>> I was wondering to myself, why do you need to rewrite the url?
>>> Can't you just use a cache_peer and couple acls?
>>>
>>> Eliezer
>>>
>>>
>>> On 18/08/2015 16:43, Hicham Berni wrote:
>>>
>>> Hi,
>>>>
>>>> We have a squid reverse configuration, and we need to change backend
>>>> webserver with a new webserver with new IP and port (80 --> 8000) .
>>>>
>>>> Old squid configuration used url_rewrite_program. I 'not familar with
>>>> this
>>>> configuration.
>>>> With port changing on new web server ( 80 --> 8000) , i find that i had
>>>> to
>>>> add new production web on url_rerite_program.
>>>>
>>>> I tried to change program , but i met a issue.
>>>>
>>>> on part 1 --> current rewrite program configuration running today and
>>>> correctly for testurl --> running fine
>>>> on part 2 --> configuration with change for testurl and productionurl
>>>> ->
>>>> OK for productionurl and KO for testurl
>>>>
>>>> An idea if something is wrong on change ?
>>>>
>>>> Part 1) old configuration :
>>>>
>>>> #!/usr/bin/perl
>>>>
>>>> $INTERNALIP="15.40.40.40";
>>>> $PRODUCTIONURL="add.ptr.lu";
>>>> $TESTURL="test.add.ptr.lu";
>>>> $TESTPORT="8001";
>>>>
>>>> # turn off write buffering
>>>> $| = 1;
>>>> while (<>) {
>>>>
>>>> # get the URL from the request
>>>> chomp($url = $_);
>>>>
>>>> if ($url =~ m/($INTERNALIP|$TESTURL):$TESTPORT/)
>>>> {
>>>> # fix up the cname and port
>>>> $url =~ s^:$TESTPORT^^;
>>>> $url =~ s^$INTERNALIP^$TESTURL^;
>>>>
>>>> # fix the protocol
>>>> $url =~ s^https://^http://^;
>>>> }
>>>> else
>>>> {
>>>> # fix up the name
>>>> $url =~ s^$INTERNALIP^$PRODUCTIONURL^;
>>>>
>>>> # fix the protocol
>>>> $url =~ s^http://^https://^;
>>>> }
>>>>
>>>> # return the fixed URL to squid
>>>> print "$url\n";
>>>> }
>>>>
>>>>
>>>> Part 2) configuration with changes
>>>>
>>>> #!/usr/bin/perl
>>>>
>>>> $INTERNALIP="15.40.40.40";
>>>> $PRODUCTIONURL="add.ptr.lu";
>>>> $TESTURL="test.add.ptr.lu";
>>>> $TESTPORT="8001";
>>>> $PRODPORT="8000";
>>>>
>>>> # turn off write buffering
>>>> $| = 1;
>>>> while (<>) {
>>>>
>>>> # get the URL from the request
>>>> chomp($url = $_);
>>>>
>>>> if ($url =~ m/($INTERNALIP|$TESTURL):$TESTPORT/)
>>>> {
>>>> # fix up the cname and port
>>>> $url =~ s^:$TESTPORT^^;
>>>> $url =~ s^$INTERNALIP^$TESTURL^;
>>>>
>>>> # fix the protocol
>>>> $url =~ s^https://^http://^;
>>>> }
>>>>
>>>> elsif ($url =~ m/($INTERNALIP|$PRODUCTIONURL):$PRODPORT/)
>>>> {
>>>> # fix up the cname and port
>>>> $url =~ s^:$PRODPORT^^;
>>>> $url =~ s^$INTERNALIP^$PRODURL^;
>>>>
>>>> # fix the protocol
>>>> $url =~ s^https://^http://^;
>>>> }
>>>>
>>>> else
>>>> {
>>>> # fix up the name
>>>> $url =~ s^$INTERNALIP^$PRODUCTIONURL^;
>>>>
>>>> # fix the protocol
>>>> $url =~ s^http://^https://^;
>>>> }
>>>>
>>>> # return the fixed URL to squid
>>>> print "$url\n";
>>>> }
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> squid-users mailing list
>>>> squid-users at lists.squid-cache.org
>>>> http://lists.squid-cache.org/listinfo/squid-users
>>>>
>>>>
>>>> _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> http://lists.squid-cache.org/listinfo/squid-users
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150825/3169235c/attachment.html>
More information about the squid-users
mailing list